Customer Password Resets

Customer passwords can be reset in three steps:

  1. Create a new customer password reset with the email of the customer.
  2. Get the reset password token from the response.
  3. Update the customer password reset resource passing the token and the new password.
It's your responsibility to verify the customer's identity before third step. A typical flow is to send an email to the customer with a verification link that includes the reset password token.

The customer password reset object

A customer password reset object is returned as part of the response body of each successful create, list, retrieve or update API call. The following table contains the list of all its fields along with their type, description and example values.
Object fields:
customer_email
string
The email of the customer that requires a password reset
reset_password_token
string
Automatically generated on create. Send its value as the '_reset_password_token' argument when updating the customer password.
Example:
xhFfkmfybsLxzaAP6xcs
reset_password_at
datetime
Time at which the password was reset.
Example:
2018-01-01T12:00:00.000Z
id
integer
Unique identifier for the resource.
Example:
1234
created_at
datetime
Time at which the resource was created.
Example:
2018-01-01T12:00:00.000Z
updated_at
datetime
Time at which the resource was last updated.
Example:
2018-01-01T12:00:00.000Z
reference
string
A string that you can use to add your own identifier to the resource. This can be useful for intergrating the resource to an external system, like an ERP, a marketing tool or a CRM.
Example:
ANYREFEFERNCE
metadata
object
Set of key-value pairs that you can attach to the resource. This can be useful for storing additional information about the resource in a structured format.
Example:
{"foo":"bar"}
relationship (N:1)
The customer that requires a password reset.

Create a customer password reset

To create a new customer password reset, send a POST request to the /api/customer_password_resets endpoint, passing the resource arguments in the request body. The following table contains the list of all the possible arguments, along with their type, description and examples values. All the arguments marked as required must be present in the request.
Arguments:
customer_email
required
The email of the customer that requires a password reset
reference
optional
A string that you can use to add your own identifier to the resource. This can be useful for intergrating the resource to an external system, like an ERP, a marketing tool or a CRM.
Example:
ANYREFEFERNCE
metadata
optional
Set of key-value pairs that you can attach to the resource. This can be useful for storing additional information about the resource in a structured format.
Example:
#
Example request:
POST /api/customer_password_resets HTTP/1.1
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json

{
  "data": {
    "type": "customer_password_resets",
    "attributes": {
      "customer_email": "[email protected]"
    }
  }
}
Example response: 201 Created
HTTP/1.1 201 Created
Content-Type: application/vnd.api+json

{
  "data": {
    "id": "1234",
    "type": "customer_password_resets",
    "links": {
      "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234"
    },
    "attributes": {
      "customer_email": "[email protected]",
      "reset_password_token": "xhFfkmfybsLxzaAP6xcs",
      "reset_password_at": "2018-01-01T12:00:00.000Z",
      "id": "1234",
      "created_at": "2018-01-01T12:00:00.000Z",
      "updated_at": "2018-01-01T12:00:00.000Z",
      "reference": "ANYREFEFERNCE",
      "metadata": {
        "foo": "bar"
      }
    },
    "relationships": {
      "customer": {
        "links": {
          "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/relationships/customer",
          "related": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/customer"
        }
      }
    },
    "meta": {
      "mode": "test"
    }
  }
}

List all customer password resets

To fetch a collection of customer password resets, send a GET request to the /api/customer_password_resets endpoint.

Example request:
GET /api/customer_password_resets HTTP/1.1
Accept: application/vnd.api+json
Example response: 200 OK
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json

{
  "data": [
    {
      "id": "1234",
      "type": "customer_password_resets",
      "links": {
        "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234"
      },
      "attributes": {
        "customer_email": "[email protected]",
        "reset_password_token": "xhFfkmfybsLxzaAP6xcs",
        "reset_password_at": "2018-01-01T12:00:00.000Z",
        "id": "1234",
        "created_at": "2018-01-01T12:00:00.000Z",
        "updated_at": "2018-01-01T12:00:00.000Z",
        "reference": "ANYREFEFERNCE",
        "metadata": {
          "foo": "bar"
        }
      },
      "relationships": {
        "customer": {
          "links": {
            "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/relationships/customer",
            "related": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/customer"
          }
        }
      },
      "meta": {
        "mode": "test"
      }
    },
    {
      "other": "... 24 customer_password_resets (first page)"
    }
  ],
  "meta": {
    "record_count": 125,
    "page_count": 5
  },
  "links": {
    "first": "/api/customer_password_resets?page[number]=1&page[size]=25",
    "prev": "/api/customer_password_resets?page[number]=2&page[size]=25",
    "next": "/api/customer_password_resets?page[number]=4&page[size]=25",
    "last": "/api/customer_password_resets?page[number]=5&page[size]=25"
  }
}
Available filters
idreset_password_tokenreferencecustomer_ididsreset_password_at_fromreset_password_at_tocreated_at_fromcreated_at_toupdated_at_fromupdated_at_to
Sortable attributes
idcreated_atupdated_atreference

Retrieve a customer password reset

To fetch a single customer password reset, send a GET request to the /api/customer_password_resets/{{id}} endpoint, where {{id}} is the id of the resource that you want to retrieve.
Example request:
GET /api/customer_password_resets/1234 HTTP/1.1
Accept: application/vnd.api+json
Example response: 200 OK
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json

{
  "data": {
    "id": "1234",
    "type": "customer_password_resets",
    "links": {
      "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234"
    },
    "attributes": {
      "customer_email": "[email protected]",
      "reset_password_token": "xhFfkmfybsLxzaAP6xcs",
      "reset_password_at": "2018-01-01T12:00:00.000Z",
      "id": "1234",
      "created_at": "2018-01-01T12:00:00.000Z",
      "updated_at": "2018-01-01T12:00:00.000Z",
      "reference": "ANYREFEFERNCE",
      "metadata": {
        "foo": "bar"
      }
    },
    "relationships": {
      "customer": {
        "links": {
          "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/relationships/customer",
          "related": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/customer"
        }
      }
    },
    "meta": {
      "mode": "test"
    }
  }
}

Update a customer password reset

To update an existing customer password reset, send a PATCH request to the /api/customer_password_resets/{{id}} endpoint, where {{id}} is the id of the resource that you want to update. The following table contains the list of all the possible arguments that you can pass with the request body, along with their type, description and examples values. Please note that all arguments are optional.
Arguments:
customer_password
optional
The customer new password. This will be accepted only if a valid '_reset_password_token' is sent with the request.
Example:
secret
_reset_password_token
optional
Send the 'reset_password_token' that you got on create when updating the customer password.
Example:
xhFfkmfybsLxzaAP6xcs
reference
optional
A string that you can use to add your own identifier to the resource. This can be useful for intergrating the resource to an external system, like an ERP, a marketing tool or a CRM.
Example:
ANYREFEFERNCE
metadata
optional
Set of key-value pairs that you can attach to the resource. This can be useful for storing additional information about the resource in a structured format.
Example:
#
Example request:
PATCH /api/customer_password_resets/1234 HTTP/1.1
Content-Type: application/vnd.api+json
Accept: application/vnd.api+json

{
  "data": {
    "type": "customer_password_resets",
    "id": 1234,
    "attributes": {
      "customer_password": "secret"
    },
    "relationships": {
    }
  }
}
Example response: 200 OK
HTTP/1.1 200 OK
Content-Type: application/vnd.api+json

{
  "data": {
    "id": "1234",
    "type": "customer_password_resets",
    "links": {
      "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234"
    },
    "attributes": {
      "customer_email": "[email protected]",
      "reset_password_token": "xhFfkmfybsLxzaAP6xcs",
      "reset_password_at": "2018-01-01T12:00:00.000Z",
      "id": "1234",
      "created_at": "2018-01-01T12:00:00.000Z",
      "updated_at": "2018-01-01T12:00:00.000Z",
      "reference": "ANYREFEFERNCE",
      "metadata": {
        "foo": "bar"
      }
    },
    "relationships": {
      "customer": {
        "links": {
          "self": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/relationships/customer",
          "related": "https://your-brand.commercelayer.io/api/customer_password_resets/1234/customer"
        }
      }
    },
    "meta": {
      "mode": "test"
    }
  }
}

Delete a customer password reset

To delete a customer password reset, send a DELETE request to the /api/customer_password_resets/{{id}} endpoint, where {{id}} is the id of the resource that you want to delete.
Example request:
DELETE /api/customer_password_resets/1234 HTTP/1.1
Accept: application/vnd.api+json
Example response: 204 No Content
HTTP/1.1 204 No Content

Get our machine-readable JSON schema that follows the OpenAPI Specification (formerly Swagger).

Get our Postman collection in one click and start making real calls to Commerce Layer API in minutes.

Get in touch with our support team if you have any questions or want to learn more about Commerce Layer.