Change User Password

Change a user's password by user ID.

Authentication

This endpoint requires a bearer access token for the System API.

Endpoint

POST /api/v1/users/{userId}/password
Authorization: Bearer YOUR_ACCESS_TOKEN
Content-Type: application/json

Request

Headers

Header	Required	Description
`Authorization`	Yes	Bearer token for a System API client
`Content-Type`	Yes	Must be `application/json`

Path Parameters

Parameter	Type	Required	Description
`userId`	integer	Yes	User identifier

Query Parameters

This endpoint does not accept query parameters.

Request Body

{
  "currentPassword": "CurrentPassword123!",
  "newPassword": "NewPassword123!"
}

Request Fields

Field	Type	Required	Description
`currentPassword`	string	No	Current password value used by server-side validation when applicable.
`newPassword`	string	Yes	New password value. Must satisfy the current Guardhouse password requirements.

Validation Rules

newPassword is required
newPassword must satisfy the current Guardhouse password policy
Password policy checks are based on the current branding settings, including length and character requirements where configured

Response

204 No Content

The password was changed successfully.

This endpoint does not return a response body on success.

Errors

Status	When it happens
`400 Bad Request`	Password validation fails or the server rejects the password change
`401 Unauthorized`	The bearer token is missing, invalid, or expired
`403 Forbidden`	The token is valid but does not have access to this endpoint
`404 Not Found`	No user exists with the provided `userId`

400 Examples

Current password is required

Invalid current password

Failed to change password. Please try again.

404 Example

User not found

Behavior

The new password is validated against the current Guardhouse password policy
On success, the previous password is removed and the new password is set
If the user email is not yet confirmed, a successful password change confirms it

Example

cURL

curl -X POST "https://your-tenant.guardhouse.cloud/api/v1/users/101/password" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "currentPassword": "CurrentPassword123!",
    "newPassword": "NewPassword123!"
  }'

.NET SDK

using Guardhouse.SDK.Models.Users;
using Guardhouse.SDK.Services;

// Assumes AddGuardhouseClientWithApiClients(...) is already configured.
app.MapPost("/example/users/{userId:int}/password", async (int userId, IGuardhouseUsersClient usersClient) =>
{
    var changed = await usersClient.ChangePasswordAsync(userId, new ChangePasswordRequest
    {
        CurrentPassword = "CurrentPassword123!",
        NewPassword = "NewPassword123!"
    });

    return changed ? Results.NoContent() : Results.NotFound();
});

Python SDK

# SDK support is in development.
# Use raw HTTP for now.
#
# Example shape:
# response = requests.post(
#     "https://your-tenant.guardhouse.cloud/api/v1/users/101/password",
#     headers={
#         "Authorization": "Bearer YOUR_ACCESS_TOKEN",
#         "Content-Type": "application/json",
#     },
#     json={
#         "currentPassword": "CurrentPassword123!",
#         "newPassword": "NewPassword123!",
#     },
# )

Notes

Use a password that meets the current tenant policy.
Use Get User By ID if you need to inspect the updated user state after the password change.

Authentication​

Endpoint​

Request​

Headers​

Path Parameters​

Query Parameters​

Request Body​

Request Fields​

Validation Rules​

Response​

204 No Content​

Errors​

400 Examples​

404 Example​

Behavior​

Example​

cURL​

.NET SDK​

Python SDK​

Notes​