Forgot Password
Request a password reset email for an account.
Arguments
| Name | Type | Required | Description |
|---|---|---|---|
email | String | ✅ Yes | Customer's registered email address |
Response
| Field | Type | Description |
|---|---|---|
message | String | Success or error message |
success | Boolean | Request success status |
Behavior
- Sends a password reset link to the customer's email
- The reset link is valid for a configurable period (typically 24 hours)
- Customer uses the link to set a new password
- Old tokens are invalidated when password is reset
Error Responses
json
{
"errors": {
"email": ["No account found with this email address."]
}
}Email Content
The reset email typically contains:
- A unique password reset link/token
- Expiration time for the token
- Instructions to reset the password
- Security information
Next Steps
After requesting password reset:
- Customer receives email with reset link
- Customer clicks the link
- Customer enters new password
- Customer uses Reset Password mutation to confirm