Password Recovery Request

POST /company/auth/recovery

Endpoint for requesting password recovery for enterprise users.
Performs the following operations:

  1. Validates the email format
  2. Searches for the user in the database
  3. Generates a unique recovery token
  4. Sends an email with a password reset link

Detailed flow:

  1. Client sends email in JSON format
  2. Server validates email format (400 if invalid)
  3. Searches for user by email (404 if not found)
  4. Generates a random 32-character token
  5. Stores the token in the database associated with the user
  6. Sends an email with a link containing the token
  7. The link redirects to a new password form

Security:

  • Tokens have limited validity (24h by default)
  • Each token is single-use
  • Requires HTTPS
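
The token lifecycle from the flow and security notes above (random 32-character token, 24h validity, single use), as an added example that is not this API's own code. The in-memory store, the names `RecoveryTokenStore`, `issue` and `redeem`, storing only a SHA-256 digest of the token, and revoking a user's earlier token on re-issue are assumptions made for illustration.

```python
import hashlib
import secrets

TOKEN_TTL_SECONDS = 24 * 60 * 60  # 24h default validity, as documented above


class RecoveryTokenStore:
    """In-memory stand-in for the database table (hypothetical)."""

    def __init__(self, ttl=TOKEN_TTL_SECONDS):
        self.ttl = ttl
        self._rows = {}  # sha256(token) -> (user_id, expires_at)

    @staticmethod
    def _digest(token):
        # Assumption: keep only a digest so a database leak does not expose live links.
        return hashlib.sha256(token.encode("utf-8", "replace")).hexdigest()

    def issue(self, user_id, now):
        # Assumption: a new request revokes the user's earlier token.
        self._rows = {d: r for d, r in self._rows.items() if r[0] != user_id}
        token = secrets.token_hex(16)  # 32 hex characters from the OS CSPRNG
        self._rows[self._digest(token)] = (user_id, now + self.ttl)
        return token

    def redeem(self, token, now):
        """Return the user id once; None if unknown, expired or already used."""
        row = self._rows.pop(self._digest(token), None)  # pop enforces single use
        if row is None:
            return None
        user_id, expires_at = row
        return user_id if now < expires_at else None


def demo():
    store = RecoveryTokenStore()
    t0 = 1_700_000_000  # constructed timestamp (seconds)
    token = store.issue("user-1", now=t0)
    first = store.redeem(token, now=t0 + 60)    # valid, first use
    second = store.redeem(token, now=t0 + 120)  # same token replayed
    stale = store.issue("user-2", now=t0)
    late = store.redeem(stale, now=t0 + TOKEN_TTL_SECONDS + 1)  # past 24h
    return len(token), first, second, late


if __name__ == "__main__":
    print(demo())
```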

Example request:

{
  "email": "usuario@empresa.com"
}

Example successful response:

{
  "op": "recovery",
  "message": "RECOVERY_EMAIL_SENT",
  "email": "usuario@empresa.com"
}

Error codes:

  • 400: Email not provided or invalid format
  • 404: User not found
  • 500: Internal server error

Request

Responses

Password recovery email sent