Home/ Questions/Q 879059
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T11:52:02+00:00

What is the proper way to structure a RESTful resource for resetting a password?

  • 0

What is the proper way to structure a RESTful resource for resetting a password?

This resource is meant to be a password resetter for someone who has lost or forgotten their password. It invalidates their old password and e-mails them a password.

The two options that I have are:

POST /reset_password/{user_name}

or…

POST /reset_password
   -Username passed through request body

I’m pretty sure the request should be a POST. I’m less confident that I have selected an appropriate name. And I’m not sure if the user_name should be passed through the URL or the request body.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    UPDATE: (further to comment below)

    I would go for something like this:

    POST /users/:user_id/reset_password

    You have a collection of users, where the single user is specified by the {user_name}. You would then specify the action to operate on, which in this case is reset_password. It is like saying “Create (POST) a new reset_password action for {user_name}“.

    Previous answer:

    I would go for something like this:

    PUT /users/:user_id/attributes/password
    -- The "current password" and the "new password" passed through the body

    You’d have two collections, a users collection, and an attributes collection for each user. The user is specified by the :user_id and the attribute is specified by password. The PUT operation updates the addressed member of the collection.

    • 0