Signature of NodeJS script that I need to provide is as follow:
function changePassword(email, newPassword, callback). Since the signature does not take old password into account there is a question of securing this endpoint so a third party won’t be able to change User’s password. Would that be done by IP whitelist and HTTPS connection or do you recommend / provide some other means of security for it?
Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!
Do you still require further assistance from us?
Yep, that is a fairly slow turnaround time. I think we are good for now. Your API probably changed since last year and I wasn’t asked to review it again so we are good for now.
Once more terribly sorry for such delay in response! We’re working towards decreasing it and getting more people on board.