> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tesouro.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Requests a password reset for a user based on their email address.

> Sends a password reset email if a user with the given email exists for the caller's OIDC client.
The redirect URI must match one of the client's registered redirect URIs.
Returns 200 with the same body whether or not a user matches, so a successful response does not disclose whether the account exists.



## OpenAPI

````yaml /.tooling/schemas/rest/tags/product-embedded-banking.json post /identity/v1/users/password-reset-request
openapi: 3.1.0
info:
  title: Tesouro Partner API
  version: '2025-06-23'
  description: The Tesouro REST API, for Tesouro partners to integrate with our solution.
  termsOfService: https://tesouro.com/terms
  contact:
    name: Tesouro team
    url: https://tesouro.com/about/
    email: developers@tesouro.com
servers:
  - url: https://api.sandbox.tesouro.com
    description: Sandbox
security: []
tags:
  - name: Applications
  - name: Bank Account Access
  - name: Bank Accounts
  - name: Beneficial Owners
  - name: Disclosures
  - name: Embedded Banking
  - name: External Bank Accounts
  - name: Identity
  - name: MoneyMovements
  - name: Organization
paths:
  /identity/v1/users/password-reset-request:
    post:
      tags:
        - Identity
      summary: Requests a password reset for a user based on their email address.
      description: >-
        Sends a password reset email if a user with the given email exists for
        the caller's OIDC client.

        The redirect URI must match one of the client's registered redirect
        URIs.

        Returns 200 with the same body whether or not a user matches, so a
        successful response does not disclose whether the account exists.
      operationId: RequestPasswordReset
      parameters: []
      requestBody:
        description: Cancellation token.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RequestPasswordResetRequestDto'
          text/json:
            schema:
              $ref: '#/components/schemas/RequestPasswordResetRequestDto'
          application/*+json:
            schema:
              $ref: '#/components/schemas/RequestPasswordResetRequestDto'
        required: true
      responses:
        '200':
          description: Password reset requested.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/RequestPasswordResetResponseDto'
            application/json:
              schema:
                $ref: '#/components/schemas/RequestPasswordResetResponseDto'
            text/json:
              schema:
                $ref: '#/components/schemas/RequestPasswordResetResponseDto'
        '400':
          description: Bad request - invalid or missing required fields.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '401':
          description: Unauthorized - no valid JWT token provided.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '403':
          description: Forbidden - client ID missing from the token or unknown.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '422':
          description: Unprocessable entity - redirect URI not registered for the client.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '500':
          description: Internal server error.
      security:
        - HTTPBearer: []
components:
  schemas:
    RequestPasswordResetRequestDto:
      required:
        - email
        - redirectUri
      type: object
      properties:
        email:
          type: string
        redirectUri:
          type: string
          description: >-
            URI where the user will be redirected to complete the password
            reset.

            Must match one of the caller's registered redirect URIs.
    RequestPasswordResetResponseDto:
      required:
        - email
      type: object
      properties:
        email:
          type: string
    ProblemDetails:
      type: object
      properties:
        detail:
          type:
            - 'null'
            - string
        instance:
          type:
            - 'null'
            - string
        status:
          pattern: ^-?(?:0|[1-9]\d*)$
          type:
            - 'null'
            - integer
            - string
          format: int32
        title:
          type:
            - 'null'
            - string
        type:
          type:
            - 'null'
            - string
  securitySchemes:
    HTTPBearer:
      type: http
      scheme: bearer

````