password reset functionality still works even if you delete the value of the temp-forgot-password-token parameter in both the URL and request body
temp-forgot-password-token
if you remove the current-password parameter entirely, you are able to successfully change your password without providing your current one
current-password
Last updated 1 year ago