Skip to main content
POST
/
api
/
v3
/
admin
/
auth
/
password_resets
Spree Admin SDK
import { createAdminClient } from '@spree/admin-sdk'

const client = createAdminClient({
  baseUrl: 'https://your-store.com',
  secretKey: 'sk_xxx',
})

// Always resolves (202) whether or not the email exists — no account enumeration.
// The emailed link points at redirect_url with the reset token appended as ?token=.
await client.auth.requestPasswordReset({
  email: 'admin@example.com',
  redirect_url: 'https://admin.your-store.com/reset-password',
})
spree api post /auth/password_resets -d '{"email":"admin@example.com","redirect_url":"https://admin.your-store.com/reset-password"}'
{
  "message": "If an account exists for that email, password reset instructions have been sent."
}

Authorizations

x-spree-api-key
string
header
required

Secret API key for admin access

Headers

x-spree-api-key
string
required

Body

application/json
email
string<email>
required
Example:

"admin@example.com"

redirect_url
string

Must match an allowed origin of the store; ignored otherwise.

Example:

"https://admin.your-store.com/reset-password"

Response

202 - application/json

reset requested