PasswordReset.change_password - Python API

Invoked as the last step in the password reset process to let the user change his or her password.

Accepts the initial token received by the user in email, the reset key received in the previous step and a new password that should be set for the user.


password_reset.access_token(self, cid, token, reset_key, current_app, remote_addr, user_agent)

  • credential: Request's correlation ID.
  • token: A password reset token received from the end user
  • current_app: Name of application the current user is issuing the call from
  • remote_addr: User's remote address
  • user_agent: User's browser or another tool as extracted from the HTTP User-Agent header.
  • Returns: reset_key - A reset key to send when in order to change the password
# -*- coding: utf-8 -*-

# Zato
from zato.server.service import Service

class PasswordResetAccessToken(Service):
    def handle(self):

        current_app = 'CRM'
        remote_addr = ''
        user_agent = self.request.http.user_agent

        # Frontend reads it from the link that the user clicked
        token = '5k339rv63q82er5wq9qgfw9xkd'

        # The reset key, along with the initial token, can be used
        # to change the password.
        reset_key = self.sso.password_reset.access_token(
            self.cid, token, current_app, remote_addr, user_agent)

        # Return the reset key to our caller
        self.response.payload = {'reset_key': reset_key}