docs
  1. SCAYLE Resource Center
  2. Authentication & Accounts
  3. Password reset

Password Reset

Customers can reset their password. This works in a two-step process:

  1. Enter email address to request a password reset email.
  2. Click the link/button in the email and enter new password.

Checkout Authentication API

Request password reset email

Add a form to the storefront frontend where the user can enter their email and request their password to be reset.

In your backend, use this Checkout Authentication API endpoint to trigger the password reset email to be sent to the customer:

const response = await fetch('https://{{tenant-space}}.auth.scayle.cloud/v1/auth/password/send-reset-email', {​
    method: 'POST',​
    headers: {​
      "Authorization": "basic <token>",​
      "Content-Type": "application/json"​
    },​
    body: JSON.stringify({​
      "shop_id": 139,​
      "email": "[email protected]",​
      "reset_url": "https://checkout.aboutyou.dev/password/reset?hash={hash}"​
    }),​
​});​
​const data = await response.json();

You can freely choose the route and structure of the reset_url. It needs to link to the page you build in the following step. Be sure to keep the {hash} placeholder somewhere in the URL. The Checkout Authentication API will insert the password reset token into the hash placeholder before sending the email.

Refer to the API Specification for further insights on this endpoint.

Update password by hash

At the reset_Url (provided in the previous step), create a form where the user can enter their new password. The customer lands on this form after clicking the button/link in the password reset email.

Extract the password reset token ("hash") from the URL and send it to your backend together with the new password. Then forward it to this Checkout Authentication API endpoint to finalize the password reset flow:

const response = await fetch('https://{{tenant-space}}.auth.scayle.cloud/v1/auth/password/update-by-hash', {
    method: 'PUT',
    headers: {
      "Authorization": "basic <token>",
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "shop_id": 139,
      "password": "somepassword",
      "hash": "f9d42e88-8642-4280-850a-1c0321dd5ea4"
    }),
});
const data = await response.json();

Refer to the API Specification for further insights on this endpoint.

Admin API

Reset Password via Admin API

SCAYLE allows you to trigger a reset for a customer password with an email by using the respective customer identifier. Once the email was triggered, the customer will receive a reset password link by email.

This method can be used to trigger an email to reset an existing customer's password.

Method Signature

await adminApi.apis.Customers.resetCustomerPassword({shopKey: shopKey, countryCode: countryCode, customerIdentifier: customerIdentifier});

Example of Customer Password Reset

adminApi.apis.Customers.resetCustomerPassword({shopKey: 'ms', countryCode: 'DE', customerIdentifier: "key=my-key"});

Refer to the API Specification for further insights on this endpoint.