Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/ti-infinite/GSMApplication/llms.txt

Use this file to discover all available pages before exploring further.

The Users API allows management of user accounts within the GSM Application. Currently, the primary mutation available to clients is updating a user’s password. The request requires both the current password (for verification) and the desired new password. The idUser is a GUID path parameter that uniquely identifies the target user across all tenants.

Endpoint

PUT /api/application/v1/users/{idUser}/password

Authentication

All requests to this endpoint require a valid Bearer token. The token can be supplied as an Authorization header or as the gsm_token cookie.
Authorization
string
required
Bearer token obtained during login. Format: Bearer <token>
Note: The API gateway automatically injects the X-Company-Id header from the authenticated session. Clients must never set this header directly.

Path Parameters

idUser
string
required
The GUID of the user whose password should be updated. Must be a valid UUID format (e.g. 3fa85f64-5717-4562-b3fc-2c963f66afa6).

Request Body

The request body must be a JSON object containing the user’s current and new passwords.
oldPassword
string
required
The user’s current password. This is verified before any change is applied. The request fails if the current password does not match.
newPassword
string
required
The desired new password. Password policy (minimum length, complexity) is enforced server-side.

Example Request Body

{
  "oldPassword": "CurrentP@ssw0rd!",
  "newPassword": "NewSecureP@ss42!"
}

Response

All responses are wrapped in the standard ApiResponse<T> envelope: 
{
  "success": true | false,
  "message": "string",
  "data": null,
  "errorType": "string" | null,
  "traceId": "string" | null,
  "details": "string" | null
}

Response Fields

success
boolean
required
true if the password was successfully updated; false otherwise.
message
string
required
Human-readable status message. On failure, describes the reason (e.g. current password mismatch, user not found).
data
null
This endpoint does not return a data payload on success.
errorType
string | null
Present when success is false. Common values: Validation, NotFound, Unauthorized.
traceId
string | null
Optional correlation ID for request tracing across services.
details
string | null
Optional extended error detail message.

HTTP Status Codes

CodeMeaning
200 OKRequest processed. Check success in the response body — the operation result (success or validation error) is always communicated in the body.
400 Bad RequestThe request body is malformed or required fields are missing.
401 UnauthorizedThe Bearer token is missing, expired, or invalid.
404 Not FoundNo user with the given idUser GUID exists.

Example

Request

curl --request PUT \
  --url 'https://your-gateway.example.com/api/application/v1/users/3fa85f64-5717-4562-b3fc-2c963f66afa6/password' \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
    "oldPassword": "CurrentP@ssw0rd!",
    "newPassword": "NewSecureP@ss42!"
  }'

Successful Response

{
  "success": true,
  "message": "Password updated successfully.",
  "data": null,
  "errorType": null,
  "traceId": "00-9e1f3a4c2d7b8e06-01",
  "details": null
}

Error — Current Password Mismatch

{
  "success": false,
  "message": "The current password provided is incorrect.",
  "data": null,
  "errorType": "Validation",
  "traceId": "00-9e1f3a4c2d7b8e06-02",
  "details": null
}

Error — User Not Found

{
  "success": false,
  "message": "User not found.",
  "data": null,
  "errorType": "NotFound",
  "traceId": "00-9e1f3a4c2d7b8e06-03",
  "details": null
}

Build docs developers (and LLMs) love

Get started for freeTalk to us