Use "requestPasswordReset" mutation instead

Action Required

Oct. 2, 2023, noon

What is changing?

requestResetPassword GraphQL mutation is now deprecated.

It is replaced by the requestPasswordReset mutation.
It will be removed on Monday 1st April 2024.

What is the key feature of these mutations?

Calling the endpoints will trigger an email sent to customers to reset a password if they already have an account, or otherwise, to create a password.

What do I need to do?

If you (likely frontend applications) are calling the requestResetPassword mutation, please replace that call a new requestPasswordReset mutation instead.

The new requestPasswordReset endpoint is now available to use.

Example query (no authorization header is needed):

mutation myRequestPasswordReset($input: RequestPasswordResetInput!) {
  requestPasswordReset(input: $input) {
    email,
    __typename
  }
}

Whether the customer should receive a reset password or create password email is now checked on the backend. As such, the new mutation only requires the email address as an input and no longer need the isCreateMode props.