Change Password

PUT 
/password-srv/password

Changes password for authenticated users. Use this endpoint for user-initiated password change in profile/security settings.

Do not use this endpoint for:

• forgot-password flow for unauthenticated users
• first-login enforced password change (password_change precheck flow)
• initial password setup for passwordless/social users (use POST /password-srv/password)

Documentation on the change password flow and profile page integration is available here.

Request

Responses

200

Password changed successfully. Session behavior depends on logout_option.

400

Bad Request (validation or policy failure)

401

Unauthorized (e.g. missing or invalid token, or sub/identityId in payload does not match the access token)

417

Validation failed (e.g. missing required payload fields, data type mismatch)