Skip to main content
POST
/
api
/
auth
/
forgot-password
Forgot Password
curl --request POST \
  --url https://api.example.com/api/auth/forgot-password \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "<string>"
}
'
{
  "message": "<string>",
  "error": "<string>"
}
Initiates the password reset process by sending a reset token to the user’s registered email address. The user can then use this token to set a new password.

Authentication

No authentication required.

Request Body

email
string
required
Registered email address for the account that needs password reset.

Response

message
string
Success message confirming the reset email has been sent.

Example Request

curl -X POST https://api.contafy.com/api/auth/forgot-password \
  -H "Content-Type: application/json" \
  -d '{
    "email": "usuario@ejemplo.com"
  }'

Example Response

{
  "message": "Si el email existe en nuestro sistema, recibirás instrucciones para restablecer tu contraseña"
}

Error Responses

error
string
Error type identifier.
message
string
Human-readable error message.

Common Errors

400 Bad Request 
{
  "error": "VALIDATION_ERROR",
  "message": "Email es requerido"
}
400 Bad Request 
{
  "error": "VALIDATION_ERROR",
  "message": "El formato del email es inválido"
}
429 Too Many Requests 
{
  "error": "RATE_LIMIT_EXCEEDED",
  "message": "Demasiadas solicitudes. Por favor intenta más tarde"
}

Notes

  • For security reasons, the API returns a success message regardless of whether the email exists
  • Password reset tokens typically expire after 1 hour
  • Rate limiting is applied to prevent abuse
  • Only the most recent reset token is valid; requesting a new one invalidates previous tokens