> ## Documentation Index
> Fetch the complete documentation index at: https://docs.insforge.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Send password reset (code or link based on config)

> Send password reset email using the method configured in auth settings (resetPasswordMethod). When method is 'code', sends a 6-digit numeric code for two-step flow. When method is 'link', sends a browser reset link that goes through an InsForge backend endpoint first. Prevents user enumeration by returning success even if email doesn't exist.



## OpenAPI

````yaml https://raw.githubusercontent.com/InsForge/InsForge/main/openapi/auth.yaml post /api/auth/email/send-reset-password
openapi: 3.0.3
info:
  title: Insforge Authentication API
  version: 2.0.0
  description: Authentication endpoints with separated auth and profile tables
servers: []
security: []
paths:
  /api/auth/email/send-reset-password:
    post:
      tags:
        - Client
      summary: Send password reset (code or link based on config)
      description: >-
        Send password reset email using the method configured in auth settings
        (resetPasswordMethod). When method is 'code', sends a 6-digit numeric
        code for two-step flow. When method is 'link', sends a browser reset
        link that goes through an InsForge backend endpoint first. Prevents user
        enumeration by returning success even if email doesn't exist.
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - email
              properties:
                email:
                  type: string
                  format: email
                  example: user@example.com
                redirectTo:
                  type: string
                  format: uri
                  description: >-
                    Used for link-based password reset. The email link always
                    opens an InsForge backend endpoint first; InsForge then
                    redirects the browser to this URL with the reset token in
                    the query string. This URL must be included in
                    allowedRedirectUrls. Recommended: use your app's dedicated
                    reset-password page.
      responses:
        '202':
          description: >-
            Password reset email sent (if email exists). Message varies based on
            configured method.
          content:
            application/json:
              schema:
                type: object
                properties:
                  success:
                    type: boolean
                  message:
                    type: string
                    example: >-
                      If your email is registered, we have sent you a password
                      reset code/link. Please check your inbox.
        '400':
          description: Invalid request

````