Change Password API

Allow authenticated users to change their password by providing current and new passwords

Change your account password while logged in. Requires verification of your current password before setting a new one.

Secure Change

Verify current password.

Authenticated

Must be logged in.

Immediate Effect

New password active instantly.


Endpoint Overview

MUTATION /graphql

Change the authenticated user's password by providing the current password and the desired new password. The change takes effect immediately.

Authentication: Bearer Token
Required scopes: user

Request Parameters

oldPassword  String!  Required

The user's current password for verification.

password  String!  Required

The new password to set for the account.


GraphQL Mutation

mutation changePassword($oldPassword: String!, $password: String!) {
  changePassword(oldPassword: $oldPassword, password: $password) {
    success
    message
  }
}

Variables:

{
  "oldPassword": "CurrentPassword123!",
  "password": "NewSecurePassword456!"
}

HTTP Request:

curl -X POST https://api.orbnet.com/graphql \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_USER_TOKEN" \
  -d '{
    "query": "mutation changePassword($oldPassword: String!, $password: String!) { changePassword(oldPassword: $oldPassword, password: $password) { success message } }",
    "variables": {
      "oldPassword": "CurrentPassword123!",
      "password": "NewSecurePassword456!"
    }
  }'

Response

200 Password Changed Successfully
{
  "data": {
    "changePassword": {
      "success": true,
      "message": "Password changed successfully"
    }
  }
}
400 Incorrect Current Password
{
  "errors": [
    {
      "message": "Current password is incorrect",
      "path": ["changePassword"],
      "extensions": {
        "code": "INVALID_PASSWORD"
      }
    }
  ],
  "data": null
}
400 Weak New Password
{
  "errors": [
    {
      "message": "New password does not meet security requirements",
      "path": ["changePassword"],
      "extensions": {
        "code": "WEAK_PASSWORD"
      }
    }
  ],
  "data": null
}

Password Requirements

Minimum Length

At least 8 characters required.

Mixed Case

Include upper and lowercase letters.

Numbers

Include at least one digit.

Different

New password must differ from old.
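
Added example (not part of the original documentation or the provider's own client code): a Python client helper that checks the four requirements above before sending, passes both passwords as GraphQL variables, and branches on the documented extensions.code values. The function names, the "UNKNOWN" fallback code and the reading of "letters" and "digit" are assumptions.

```python
import json

MUTATION = (
    "mutation changePassword($oldPassword: String!, $password: String!) { "
    "changePassword(oldPassword: $oldPassword, password: $password) "
    "{ success message } }"
)

def check_requirements(old_password, new_password):
    """Return the documented requirements that the new password fails."""
    failures = []
    if len(new_password) < 8:
        failures.append("min_length")
    # Assumption: any cased letter counts; the server's exact rule is not documented.
    if not (any(c.islower() for c in new_password) and any(c.isupper() for c in new_password)):
        failures.append("mixed_case")
    if not any(c in "0123456789" for c in new_password):
        failures.append("digit")
    if new_password == old_password:
        failures.append("same_as_old")
    return failures

def build_request_body(old_password, new_password):
    """Serialize the request; passwords go in variables, never into the query text."""
    return json.dumps({
        "query": MUTATION,
        "variables": {"oldPassword": old_password, "password": new_password},
    })

def interpret_response(body):
    """Map a response body to (ok, code) using extensions.code rather than HTTP status."""
    doc = json.loads(body)
    errors = doc.get("errors") or []
    if errors:
        code = (errors[0].get("extensions") or {}).get("code", "UNKNOWN")
        return False, code
    result = (doc.get("data") or {}).get("changePassword") or {}
    return (True, "OK") if result.get("success") is True else (False, "UNKNOWN")

# Constructed samples with the same shape as the documented responses.
SAMPLE_WEAK = '{"errors":[{"message":"New password does not meet security requirements","path":["changePassword"],"extensions":{"code":"WEAK_PASSWORD"}}],"data":null}'
SAMPLE_OK = '{"data":{"changePassword":{"success":true,"message":"Password changed successfully"}}}'

if __name__ == "__main__":
    print(check_requirements("CurrentPassword123!", "short1"))
    print(interpret_response(SAMPLE_WEAK), interpret_response(SAMPLE_OK))
```

The local check only saves a round trip; the server's WEAK_PASSWORD and INVALID_PASSWORD responses remain the authority and must still be handled.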


When to Change Password

Regular Rotation

Periodic password updates for security.

Suspected Breach

Change if account may be compromised.

Shared Access

After sharing credentials temporarily.

New Device

After accessing from untrusted device.


Best Practices

Strong Password

Use unique, complex passwords.

Password Manager

Store passwords securely.

Don't Reuse

Never reuse old passwords.

Update Sessions

Re-login on all devices.



Session Persistence

After changing your password, you may remain logged in on the current device, but other sessions may be invalidated for security.

Forgot Your Password?

If you can't remember your current password, use the password reset process instead.

Request Password Reset