Skip to main content
POST
/
api
/
sys
/
users
/
startPasswordReset
{
  "WasSuccessful": true,
  "Value": {},
  "Status": 123,
  "Message": {},
  "Errors": "<any>",
  "400 Bad Request": {}
}

Start Password Reset

Sends a password-reset email to the customer’s registered email address. The email contains a one-time link that the customer can follow to set a new password. The portal calls this from the “Forgot your password?” flow on the sign-in page.

Authentication

No authentication required. This is a public endpoint.

Request Body

email
string
required
The email address of the account for which the password reset should be triggered.
businessId
number
The numeric identifier of the location the customer belongs to. Providing this ensures the correct branded email template is used.

Response

Returns an ActionConfirmation envelope. The portal treats any successful response as confirmation that the email was sent — it does not reveal whether the email address is registered, to prevent enumeration attacks.
WasSuccessful
boolean
true when the reset email was dispatched (or when no account was found — the response is intentionally the same to prevent user enumeration).
Value
string | null
Usually null.
Status
number
HTTP-style status code mirrored in the body. 200 on success.
Message
string | null
Human-readable message. Usually null on success.
Errors
any
Validation errors. null on success.

Example Response

{
  "WasSuccessful": true,
  "Value": null,
  "Status": 200,
  "Message": null,
  "Errors": null
}

TypeScript Integration

import endpoints from '@/api/endpoints'

const url = endpoints.system.users.startPasswordReset
// => '/api/sys/users/startPasswordReset'

await httpClient.post(url, { email: userEmail, businessId })

Usage in Portal

ContextSource file
Forgot password page / modalsrc/views/auth/ForgotPassword/

Error Responses

400 Bad Request
error
The email field is missing or the request body is malformed.
MethodEndpointDescription
POST/api/sys/users/completePasswordResetComplete the reset flow with the token from the email
POST/api/tokenSign in after completing the password reset
GET/api/sys/users/sendOtpSend a one-time password for passwordless sign-in