Auth0 Home Blog Docs

How do I change password with old password?

password-reset
password
change-password

#1

How do i change password with old password?
I can see API to reset password by sending email to user.
But i couldn’t see any API to change password with user’s old password. The request may look like below.

{
"clientID": "*******************",
"email": "mail id",
"oldPassword": "****",
"newPassword": "****"
}

Please do let me know, if such endpoint exist.


#2

At this time there is no endpoint that given the current user password would allow to directly change it for a new one; you can somewhat replicate that behavior by leveraging the Management API and by performing an authentication operation as means to validate existing password, but it would require custom implementation and the appropriate configuration to make it work.

As additional information, this ability/endpoint is something that I have seen discussed and likely to be available in a more direct manner in the future, however, for now I can’t provide any definitive information about if/when it will be available.


#3

Thanks for replying. Our team is running into the same issue with us wanting a validate a users request with their current password input before the user can update it to a new password.


#4

We have the same use-case to implement.

I take it the current solution still has to be to perform a separate auth from our back-end to verify the provided password?


#5

That would still be the case at this time, given a built-in endpoint to change password based on the old one is not yet available.


#6

Thanks for replying! Is this feature being developed? And is there an ETA for this feature by any chance?


#7

Hi! We currently do not have an ETA for this feature @abe


#8