> ## Documentation Index
> Fetch the complete documentation index at: https://docs.marzipan.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Change password

> Change the authenticated customer's password by confirming their current password. Used from the logged-in account area.



## OpenAPI

````yaml /api-reference/openapi.json post /account/reset-password
openapi: 3.0.0
info:
  title: Marzipan API
  version: 1.0.0
servers:
  - url: https://api.marzipan.co/v1
security:
  - tenantAuth: []
tags:
  - name: Account
    description: >-
      Account management endpoints including registration, login, and user
      details
  - name: Carts
    description: Shopping cart management endpoints
  - name: Products
    description: Product catalog and search endpoints
  - name: Subscriptions
    description: Subscription management and renewal endpoints
  - name: CMS
    description: Content management system endpoints
  - name: Messaging
    description: Message and communication endpoints
  - name: Search
    description: Search functionality endpoints
  - name: Settings
    description: >-
      Storefront settings and market detection used to configure the web
      components and checkout.
  - name: Analytics
    description: Storefront visit and attribution tracking.
  - name: Rewards
    description: >-
      Loyalty and rewards programme endpoints for the authenticated customer,
      covering points balance, tier status, perks, exclusive products and
      transaction history.
  - name: Forms
    description: Render and submit dynamic storefront forms defined in the CMS.
  - name: Events
    description: >-
      Check event availability, browse occurrences and recurring dates, generate
      ticket QR codes, and manage event waitlists (join, leave, check status,
      and claim promoted spots).
paths:
  /account/reset-password:
    parameters: []
    post:
      tags:
        - Account
      summary: Change password
      description: >-
        Change the authenticated customer's password by confirming their current
        password. Used from the logged-in account area.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - currentPassword
                - password
                - passwordConfirmation
              properties:
                currentPassword:
                  type: string
                  format: password
                password:
                  type: string
                  format: password
                  description: >-
                    Minimum 8 characters, must include an uppercase letter, a
                    lowercase letter and a number
                passwordConfirmation:
                  type: string
                  format: password
            example:
              currentPassword: OldPass123
              password: NewPass456
              passwordConfirmation: NewPass456
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                type: object
                properties:
                  status:
                    type: boolean
              example:
                status: true
        '401':
          description: Unauthenticated
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                message: Unauthenticated.
        '422':
          description: Validation error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationError'
              example:
                message: Please enter your current password.
                errors:
                  currentPassword:
                    - Please enter your current password.
      security:
        - accountAuth: []
components:
  schemas:
    Error:
      type: object
      properties:
        message:
          type: string
          description: Error message
      required:
        - message
    ValidationError:
      type: object
      properties:
        message:
          type: string
          description: Validation error message
        errors:
          type: object
          additionalProperties:
            type: array
            items:
              type: string
          description: Field-specific validation errors
      required:
        - message
        - errors
  securitySchemes:
    tenantAuth:
      type: http
      scheme: bearer
      description: >-
        Bearer authentication header of the form `Bearer <token>`, where
        `<token>` is your API token.
      bearerFormat: JWT
    accountAuth:
      type: http
      scheme: bearer
      description: >-
        Bearer authentication header of the form `Bearer <token>`, where
        `<token>` is the account token returned from the `Login` endpoint.

````