Change Password

POST/web/v1/users/self/auth/password/changeJWT

Changes the authenticated user's password. Requires the current password for verification before setting the new password.

Authentication

Auth Chain: WEB Chain — requires Authorization: Bearer <jwt> These headers are injected by the system (frontend does nothing): X-PORTAL-ACCESS-CODE (Nginx), X-Request-Id (Gateway)

Request Parameters

Name	Type	Required	In	Description
`rawRequestBody`	`String`	Yes	body	Encrypted request payload (parsed server-side)

Success Response

Success200

{
  "version": "1.3.0",
  "timestamp": 1709337600000,
  "success": true,
  "code": "2000",
  "message": "SUCCESS",
  "data": {
    "changed": true
  }
}

Error Responses

Unauthorized401

{
  "success": false,
  "code": "4010",
  "message": "Invalid or expired token"
}

Notes

Requires the current password for verification.
Rate limited to 5 requests per 300-second window.
The request body is strictly validated; unknown properties will cause a rejection.

Change Password ​

Authentication ​

Request Parameters ​

Success Response ​

Error Responses ​

Notes ​

Change Password

Authentication

Request Parameters

Success Response

Error Responses

Notes