Password reset

POST /callbacks/password-reset

During a password reset the user is only able to provide the HAVE using the email address. In order to retain the user data the user has to provide a second factor, either HAVE or KNOW.

The prove can be done with PIN (KNOW) or the device OTP (HAVE).

This callback is called before the password of the user is reset. If the user is able to provide his/her prove correctly the data of the user remain untouched. In case the prove is in correctly provided for more than 3 times, the critical data e.g. payment data of the user is deleted in order to prevent theft.

404 is returned in case the user has no prove defined.
410 is returned in case the prove didn't match multiple times, the user data will be deleted for safety reasons.
422 is returned in case the the prove is incorrect.

application/vnd.api+json

Body Required

pin string

4-digit code
skip boolean

allows skipping credential verification

Responses

204

PIN is correct, data will be retained
400 application/vnd.api+json

Bad request
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed
401 application/vnd.api+json
OAuth token missing or invalid or a linked identity is missing.

Linked identity missing is a special case where you need to make sure that the user has additionally logged in / authorized with a third-party.

This is not relevant for most use-cases.

The specific error code that identifies a missing linked identity is missing-linked-identity

Example:
```
  {
      "errors": [
          {
              "id": "cbgmhslmp1o9or9kh1p0",
              "title": "Missing linked identity for authorized access",
              "detail": "Linked identity is needed to access this resource, please check why the user does not have a linked identity",
              "status": "401",
              "code": "missing-linked-identity"
          }
      ]
  }
```
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed
403 application/vnd.api+json

Forbidden
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed
404 application/vnd.api+json

Resource not found
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed
410 application/vnd.api+json

Resource is gone
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed
422 application/vnd.api+json

The request was well-formed but was unable to be followed due to semantic errors.
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed
501 application/vnd.api+json

Internal server error
Hide response attribute Show response attribute object
Error objects provide additional information about problems encountered while performing an operation. Errors also contain codes besides title and message which can be used for checks even if the detailed messages might change.

* 1000: generic error * 1001: payment processing temporarily unavailable * 1002: requested amount exceeds the authorized amount of the provided token * 1003: implicit payment methods cannot be modified * 1004: payment method rejected by provider * provider:payment-method-rejected: payment method rejected by provider (identical to 1004) * rule:product-denied: Product restrictions forbid transaction, e.g., forbidden fuel type - token authorized only for Diesel but attempted to fuel Super.
- errors array[object]
  
  Hide errors attributes Show errors attributes object
  
  id string
  
  A unique identifier for this particular occurrence of the problem.
  
  links object
  
  Hide links attribute Show links attribute object
  
  about string
  
  A link that leads to further details about this particular occurrence of the problem.
  
  status string
  
  the HTTP status code applicable to this problem, expressed as a string value.
  
  code string
  
  an application-specific error code, expressed as a string value.
  
  title string
  
  A short, human-readable summary of the problem that SHOULD NOT change from occurrence to occurrence of the problem, except for purposes of localization.
  
  detail string
  
  a human-readable explanation specific to this occurrence of the problem. Like title, this field’s value can be localized.
  
  source object
  
  An object containing references to the source of the error.
  
  Hide source attributes Show source attributes object
  
  pointer string
  
  A JSON Pointer [RFC6901] to the associated entity in the request document [e.g. "/data" for a primary data object, or "/data/attributes/title" for a specific attribute].
  
  parameter string
  
  A string indicating which URI query parameter caused the error.
  
  meta object
  
  a meta object containing non-standard meta-information about the error.
  
  Hide meta attribute Show meta attribute object
  
  Additional properties are allowed

POST /callbacks/password-reset

curl \
 -X POST https://api.pace.cloud/user/2024-2/callbacks/password-reset \
 -H "Authorization: Bearer $ACCESS_TOKEN" \
 -H "Content-Type: application/vnd.api+json"

Request examples

{
  "pin": "5621",
  "skip": true
}

Response examples (400)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}

Response examples (401)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}

Response examples (403)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}

Response examples (404)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}

Response examples (410)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}

Response examples (422)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}

Response examples (501)

{
  "errors": [
    {
      "id": "string",
      "links": {
        "about": "string"
      },
      "status": "string",
      "code": "string",
      "title": "string",
      "detail": "string",
      "source": {
        "pointer": "string",
        "parameter": "string"
      },
      "meta": {}
    }
  ]
}