Authenticated users can update their email address or password at any time using the two PATCH endpoints documented on this page. Both endpoints derive the caller’s identity from the JWT Bearer token — no userId or current email is required in the request body. A valid, unexpired token must be present in the Authorization header for every call.
The current email is read from the JWT’s sub (subject) claim via Spring Security’s Authentication.getName(). Ensure the token in your Authorization header belongs to the account you intend to modify.

Change Email

Updates the authenticated user’s email address in the auth database and publishes a UserEmailChangedEvent to RabbitMQ so the user-service can stay in sync.

Endpoint

PATCH http://localhost:8085/auth/change-email?newEmail={email}
Authentication: Bearer JWT required.

Query Parameters

newEmail (string, required)
The new email address to assign to the account. Must be unique within the auth database. After a successful update, subsequent logins and JWT tokens will use this address as the subject.

Example

curl -X PATCH "http://localhost:8085/auth/change-email?newEmail=ada.updated@digitalmoney.io" \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9..."

Response 200 OK

Email updated successfully

RabbitMQ Integration

After persisting the new email, the auth service publishes a UserEmailChangedEvent to the user.exchange exchange with the routing key user.email.changed. The event payload contains the user’s internal authId and the newEmail. The user-service consumes this event to mirror the change in its own database, keeping both services consistent without a synchronous HTTP call.

Change Password

Updates the authenticated user’s password. The new value is BCrypt-hashed before being saved.

Endpoint

PATCH http://localhost:8085/auth/change-password?newPassword={password}
Authentication: Bearer JWT required.

Query Parameters

newPassword (string, required)
The plain-text replacement password. The auth service encodes it with BCrypt before persisting.

Example

curl -X PATCH "http://localhost:8085/auth/change-password?newPassword=N3wS3cure!Pass" \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9..."

Response 200 OK

Password updated successfully

Error Codes

The following errors apply to both PATCH /auth/change-email and PATCH /auth/change-password.

HTTP Status | Exception | Description
400 Bad Request | UserNotFoundException | The email resolved from the JWT subject does not match any record in the auth database. This may occur if the account was deleted after the token was issued.
500 Internal Server Error | Exception | An unexpected server-side error occurred.

After changing your email, your existing JWT still contains the old email as its subject. Re-authenticate via POST /auth/login with the new email and password to obtain a token that reflects the updated credentials.
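
A client-side pre-flight check for the two points above: that the token's sub claim names the account you intend to modify, and that a token issued before an email change is stale afterwards. This is an added example, not code from the DigitalMoney project. The function names, the old address ada@digitalmoney.io, and the presence of a standard exp claim are assumptions.

```python
import base64
import json
import time


def jwt_claims(token):
    """Decode the payload claims WITHOUT verifying the signature (client-side check only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    segment = parts[1]
    # JWT segments are base64url without padding; restore it before decoding.
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))


def preflight(token, expected_email, now=None):
    """Return reasons not to send this token to change-email / change-password."""
    claims = jwt_claims(token)
    now = time.time() if now is None else now
    problems = []
    if claims.get("sub") != expected_email:
        problems.append(f"subject is {claims.get('sub')!r}, not {expected_email!r}")
    # Assumption: the service sets the standard "exp" claim (seconds since epoch).
    if "exp" in claims and claims["exp"] <= now:
        problems.append("token is expired")
    return problems


def needs_relogin(token, current_email):
    """True when the token still names the pre-change email as its subject."""
    return jwt_claims(token).get("sub") != current_email


def make_sample_token(sub, exp):
    """Constructed sample token with a dummy signature, for offline use only."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header, payload = enc({"alg": "HS256"}), enc({"sub": sub, "exp": exp})
    return f"{header}.{payload}.ZHVtbXk"


if __name__ == "__main__":
    old = make_sample_token("ada@digitalmoney.io", exp=2_000_000_000)
    print(preflight(old, "ada@digitalmoney.io", now=1_900_000_000))
    print(needs_relogin(old, "ada.updated@digitalmoney.io"))
```

The decode step does not validate the signature, so it only guards against sending the wrong or an outdated token; the auth service still decides whether the token is accepted.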
