Update Password
Change your account password while logged in. Unlike the password reset flow (which is for forgotten passwords), this endpoint requires you to confirm your current password before setting a new one.
This is the recommended way to change passwords for security-conscious users who want to regularly update their credentials. The current password requirement ensures that only the legitimate account owner can change the password, even if someone gains temporary access to an unlocked device.
Password Best Practices
- Use a unique password not shared with other services
- Include a mix of uppercase, lowercase, numbers, and symbols
- Avoid common words, birthdays, or easily guessable information
- Consider using a password manager to generate and store strong passwords
Endpoint
INFO
PUT /api/v1/client/profile/password
Headers
| Header | Value | Required |
|---|---|---|
Content-Type | application/json | Yes |
Accept | application/json | Yes |
Authorization | Bearer {token} | Yes |
X-Agency-Signature | {signature} | Yes |
Request Body
| Parameter | Type | Required | Description |
|---|---|---|---|
current_password | string | Yes | Current password |
password | string | Yes | New password (min: 8 chars) |
password_confirmation | string | Yes | New password confirmation |
Example Request
bash
curl -X PUT https://api.daakey.com/api/v1/client/profile/password \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer {token}" \
-H "X-Agency-Signature: {signature}" \
-d '{
"current_password": "oldPassword123",
"password": "newSecurePassword456",
"password_confirmation": "newSecurePassword456"
}'Response
Success (200)
json
{
"success": true,
"message": "Password updated successfully",
"data": null,
"request_id": "uuid",
"timestamp": "2024-01-01T00:00:00.000Z"
}Error (422)
json
{
"success": false,
"message": "Validation failed",
"errors": {
"current_password": ["The current password is incorrect."],
"password": ["The password must be at least 8 characters."]
},
"data": null,
"request_id": "uuid",
"timestamp": "2024-01-01T00:00:00.000Z"
}Notes
- Current password must be correct
- New password must be at least 8 characters
- All existing sessions remain valid after password change