Password Reset
Customers can reset their password. This works in a two-step process:
- Enter email address to request a password reset email.
- Click the link/button in the email and enter new password.
Checkout Authentication API
Request password reset email
Add a form to the storefront frontend where the user can enter their email and request their password to be reset.
In your backend, use this Checkout Authentication API endpoint to trigger the password reset email to be sent to the customer:
const response = await fetch('https://{{tenant-space}}.auth.scayle.cloud/v1/auth/password/send-reset-email', {​
method: 'POST',​
headers: {​
"Authorization": "basic <token>",​
"Content-Type": "application/json"​
},​
body: JSON.stringify({​
"shop_id": 139,​
"email": "[email protected]",​
"reset_url": "https://checkout.aboutyou.dev/password/reset?hash={hash}"​
}),​
​});​
​const data = await response.json();
You can freely choose the route and structure of the reset_url. It needs to link to the page you build in the following step. Be sure to keep the {hash} placeholder somewhere in the URL. The Checkout Authentication API will insert the password reset token into the hash placeholder before sending the email.
Refer to the API Specification for further insights on this endpoint.
Update password by hash
At the reset_Url (provided in the previous step), create a form where the user can enter their new password. The customer lands on this form after clicking the button/link in the password reset email.
Extract the password reset token ("hash") from the URL and send it to your backend together with the new password. Then forward it to this Checkout Authentication API endpoint to finalize the password reset flow:
const response = await fetch('https://{{tenant-space}}.auth.scayle.cloud/v1/auth/password/update-by-hash', {
method: 'PUT',
headers: {
"Authorization": "basic <token>",
"Content-Type": "application/json"
},
body: JSON.stringify({
"shop_id": 139,
"password": "somepassword",
"hash": "f9d42e88-8642-4280-850a-1c0321dd5ea4"
}),
});
const data = await response.json();
Refer to the API Specification for further insights on this endpoint.
Admin API
Reset Password via Admin API
SCAYLE allows you to trigger a reset for a customer password with an email by using the respective customer identifier. Once the email was triggered, the customer will receive a reset password link by email.
This method can be used to trigger an email to reset an existing customer's password.
Method Signature
await adminApi.apis.Customers.resetCustomerPassword({shopKey: shopKey, countryCode: countryCode, customerIdentifier: customerIdentifier});
Example of Customer Password Reset
adminApi.apis.Customers.resetCustomerPassword({shopKey: 'ms', countryCode: 'DE', customerIdentifier: "key=my-key"});
Refer to the API Specification for further insights on this endpoint.
