OrbVPNOrbVPN
TutorialsTroubleshootServicesAPIBusinessBlogDashboard

Verify Reset Password Code API

Verify the password reset code sent via email before allowing password change

Public

Verify Reset Password Code API

Verify the password reset code sent to your email. This validation step ensures the code is correct before allowing the password to be changed.

Reset Password

Code Validation

Verify reset code is valid.

Time-Limited

Codes expire for security.

Security Step

Prevents unauthorized resets.

Endpoint Overview

MUTATION/graphql

Verify the password reset code sent to a user's email address. This step must be completed before the password can be changed.

Authentication:No Auth Required

Request Parameters

emailString!Required

The email address that received the reset code.

verificationCodeString!Required

The verification code from the password reset email.

GraphQL Mutation

mutation verifyResetPasswordCode($email: String!, $verificationCode: String!) {
  verifyResetPasswordCode(email: $email, verificationCode: $verificationCode) {
    success
    token
  }
}

Variables:

{
  "email": "user@example.com",
  "verificationCode": "123456"
}

HTTP Request:

curl -X POST https://api.orbnet.com/graphql \
  -H "Content-Type: application/json" \
  -d '{
    "query": "mutation verifyResetPasswordCode($email: String!, $verificationCode: String!) { verifyResetPasswordCode(email: $email, verificationCode: $verificationCode) { success token } }",
    "variables": {
      "email": "user@example.com",
      "verificationCode": "123456"
    }
  }'

Response

200Code Verified Successfully
{
  "data": {
    "verifyResetPasswordCode": {
      "success": true,
      "token": "reset_token_abc123xyz"
    }
  }
}
400Invalid Code
{
  "errors": [
    {
      "message": "Invalid verification code",
      "path": ["verifyResetPasswordCode"],
      "extensions": {
        "code": "INVALID_CODE"
      }
    }
  ],
  "data": null
}
400Code Expired
{
  "errors": [
    {
      "message": "Verification code has expired",
      "path": ["verifyResetPasswordCode"],
      "extensions": {
        "code": "CODE_EXPIRED"
      }
    }
  ],
  "data": null
}

Password Reset Flow

Request Reset

Receive Code

Verify Code

Reset Password

Security Features

Code Expiration

Codes expire after a set time period.

One-Time Use

Codes can only be used once.

Rate Limited

Prevents brute force attempts.

Email Match

Code only works with original email.

Best Practices

Check Spam

Look in spam folder for reset email.

Act Quickly

Use code before it expires.

Exact Code

Enter code exactly as received.

Request New

Request new code if expired.

Related Endpoints

MUTATIONRequest Reset

Start password reset process

MUTATIONReset Password

Set new password with token

MUTATIONChange Password

Logged in password change

MUTATIONLogin

Login with new password

Token Required for Reset

After successful verification, use the returned token with the Reset Password endpoint to set your new password.

Ready to Set New Password?

Use the returned token to reset your password.

Reset Password

Edit Profile by Admin API

Previous Page

Request Password Reset API

Next Page

On this page

Endpoint Overview
Request Parameters
GraphQL Mutation
Response
Password Reset Flow
Security Features
Best Practices
Related Endpoints