Password reset

POST /callbacks/password-reset

During a password reset the user is only able to provide the HAVE using the email address. In order to retain the user data the user has to provide a second factor, either HAVE or KNOW.

The prove can be done with PIN (KNOW) or the device OTP (HAVE).

This callback is called before the password of the user is reset. If the user is able to provide his/her prove correctly the data of the user remain untouched. In case the prove is in correctly provided for more than 3 times, the critical data e.g. payment data of the user is deleted in order to prevent theft.

  • 404 is returned in case the user has no prove defined.
  • 410 is returned in case the prove didn't match multiple times, the user data will be deleted for safety reasons.
  • 422 is returned in case the the prove is incorrect.
application/vnd.api+json

Body Required

  • pin string

    4-digit code

  • skip boolean

    allows skipping credential verification

Responses

  • PIN is correct, data will be retained

  • 400 application/vnd.api+json

    Bad request

    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
  • 401 application/vnd.api+json

    OAuth token missing or invalid or a linked identity is missing.

    Linked identity missing is a special case where you need to make sure that the user has additionally logged in / authorized with a third-party.

    This is not relevant for most use-cases.

    The specific error code that identifies a missing linked identity is missing-linked-identity

    Example:

      {
          "errors": [
              {
                  "id": "cbgmhslmp1o9or9kh1p0",
                  "title": "Missing linked identity for authorized access",
                  "detail": "Linked identity is needed to access this resource, please check why the user does not have a linked identity",
                  "status": "401",
                  "code": "missing-linked-identity"
              }
          ]
      }
    
    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
  • 403 application/vnd.api+json

    Forbidden

    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
  • 404 application/vnd.api+json

    Resource not found

    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
  • 410 application/vnd.api+json

    Resource is gone

    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
  • 422 application/vnd.api+json

    The request was well-formed but was unable to be followed due to semantic errors.

    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
  • 501 application/vnd.api+json

    Internal server error

    Hide response attribute Show response attribute object

    Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

    * 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.

    • errors array[object]
      Hide errors attributes Show errors attributes object
      • id string

        A unique identifier for this particular occurrence of the problem.

      • status string

        the HTTP status code applicable to this problem, expressed as a string value.

      • code string

        an application-specific error code, expressed as a string value.

      • title string

        A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.

      • detail string

        a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.

      • source object

        An object containing references to the source of the error.

        Hide source attributes Show source attributes
        • pointer string

          A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].

        • A string indicating which URI query parameter caused the error.

      • meta object

        a meta object containing non-standard meta-information about the error.

        Hide meta attribute Show meta attribute
POST /callbacks/password-reset
curl \
 -X POST https://api.pace.cloud/user/2024-1/callbacks/password-reset \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/vnd.api+json"
Request examples
{
  "pin": "5621",
  "skip": true
}
Response examples (400)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (401)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (403)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (404)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (410)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (422)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}
Response examples (501)
{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}