@xfloor-memory-sdk
  1. Registration
@xfloor-memory-sdk
  • Get Started
    • Overview
    • Quick Start
    • Authentication and Identification
    • Core Concepts (5-Minute Read)
    • What to Use First (API Map)
  • SDK
    • Overview
    • SDK Installation & Setup
    • Python SDK
    • JavaScript SDK
    • Typescript SDK
    • Java SDK
    • FAQ & Troubleshooting
    • Copy-Paste Debug Checklists
  • Core FloorMemory
    • Query (Primary API)
      POST
    • Create Event (Post Content)
      POST
    • Recent Events
      GET
    • Basic information of a floor
      GET
  • Floor Management
    • Edit floor
    • Make floor Private
    • Make floor public
    • Rename floor
  • Registration
    • Sign Up
      POST
    • Sign In with email ID
      POST
    • Sign In with Mobile number
      POST
    • Validation
      POST
    • Change Password
      POST
    • Reset Password
      POST
    • Change email ID
      POST
    • Change Mobile number
      POST
    • Send Validation code
      POST
    • External User Registration
      POST
  • SDKs
  • Schemas
    • PostAdd
    • QueryResponse
    • Media
    • UserDetails
    • SignUpResponse
    • BlockDetails
    • FloorInfo
    • Threads
    • EventResponse
    • 400ErrorCode
    • Remaining
  1. Registration

Change Password

POST
/auth-service/password/change

1) POST /password/change — Change Password (Logged-in User)#

Changes the password of an authenticated user who is currently logged in.
This endpoint is used when a user is already signed in and wants to update their password as a security or preference action. The system validates a one-time password-change verification code (activation_code) issued specifically for the change-password flow. If the code is valid and not expired, the user’s password is updated to new_password and takes effect immediately.
If verification fails, the password remains unchanged and an error response is returned.

Authentication#

✅ Required: Bearer token for the logged-in session
Authorization: Bearer <access_token>

Request Body (Form Data)#

user_id (optional if derived from token)
activation_code (required)
new_password (required)

Behavior Notes#

Typically requires a prior call to send a verification code for password change (mode = password change).
user_id can be taken from the access token; include it only if your system requires it explicitly.

One-Line Summary#

Changes the password for a logged-in user after validating a one-time password-change code.

Request

Authorization
Provide your bearer token in the
Authorization
header when making requests to protected resources.
Example:
Authorization: Bearer ********************
Body Params multipart/form-dataRequired

Responses

🟢200Success
application/json
Body

🟠400BadRequest
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://appfloor.in/auth-service/password/change' \
--header 'Authorization: Bearer <token>' \
--form 'user_id="\"187626754904\""' \
--form 'new_password="\"mypassword\""' \
--form 'activation_code="\"2347\""'
Response Response Example
200 - Example 1
{
    "error": {
        "code": "XF_VALIDATION_ERROR",
        "message": "The signup failed or wrong user_id",
        "path": "/auth-service/validate/activation/code",
        "timestamp": "2026-01-12T08:11:59.993079561Z"
    }
}
Modified at 2026-01-21 06:45:00
Previous
Validation
Next
Reset Password
Built with