Deprecation of resetUserPassword output fields

Action Required
April 7, 2025, 3:16 p.m.

Overview

Following user feedback and to better align with the GraphQL spec on errors, we are deprecating the output fields of the resetUserPassword mutation. Errors are now provided via extensions.

This change is non-breaking: the new response is only triggered when the (new) user_id field is requested. Existing implementations remain unaffected unless they opt into the updated flow.

Please update your implementation to use error extensions.

Deprecation

Fields

  • ResetUserPasswordOutput.password_updated
  • ResetUserPasswordOutput.failure_codes
  • ResetUserPasswordOutput.failure_reasons

Timeline

A target removal date is set for 04/10/2025.

Example (recommended)

Request

mutation resetUserPassword($input: ResetUserPasswordInput!) {
    resetUserPassword(input: $input) {
        userId
    }
}

Response (success)

{
    "data": {
        "resetUserPassword": {
            "userId": "123"
        }
    }
}

Response (error)

{
    "data": {"resetUserPassword": null},
    "errors": [
        {
            "message": "Password is invalid.",
            "locations": {"line": 1, "column": 5},
            "path": ["resetUserPassword"],
            "extensions": {
                "errorType": "VALIDATION",
                "errorCode": "KT-CT-5450",
                "errorDescription": "Given password fails password policy requirements.",
                "validationErrors": [
                    {
                        "code": "password_too_short",
                        "message": "This password is too short. It must contain at least 7 characters.",
                        "inputPath": ["input", "password"]
                    },
                    {
                        "code": "password_too_common",
                        "message": "This password is too common.",
                        "inputPath": ["input", "password"]
                    },
                    {
                        "code": "password_reused",
                        "message": "Password reused too recently.",
                        "inputPath": ["input", "password"]
                    },
                    {
                        "code": "password_matches_current",
                        "message": "New password matches current password.",
                        "inputPath": ["input", "password"]
                    }
                ]
            }
        }
    ]
}

Example (deprecated)

Request

mutation resetUserPassword($input: ResetUserPasswordInput!) {
    resetUserPassword(input: $input) {
        passwordUpdated
        failureReasons
        failureCodes
    }
}

Response (success)

{
    "data": {
        "resetUserPassword": {
            "passwordUpdated": true,
            "failureReasons": null,
            "failureCodes": null,
        }
    }
}

Response (error)

{
    "data": {
        "resetUserPassword": {
            "passwordUpdated": false,
            "failureReasons": [
                "This password is too short. It must contain at least 7 characters.",
                "This password is too common.",
                "Password reused too recently.",
                "New password matches current password.",
            ],
            "failureCodes": [
                "password_too_short",
                "password_too_common",
                "password_reused",
                "password_matches_current",
            ],
        }
    }
}