# Update Password by Session (Enterprise)

**POST /v1/auth/passwords/session/update**

Update user password using an active session. If the session token does not have an active factor from OTP, magic link, or password, it will return an error.

## HTTP Request

`GET /v1/auth/passwords/session/update`

## Request Body

The following table lists the properties of an HTTP request that this action supports.

## Returns

A successful response returns `user_id` property and `session` object associated with the `session_token` sent in.


## Servers
- Production: https://api.moonkey.fun (Production)


## Authentication methods
- Authorization


## Parameters



### Body: application/json (object)

- **password** (string)
  `Required` Unique user ID to associate the TOTP with.
- **session_token** (string)
  `Required if session_jwt not present` Session token to identify the user by. Only a valid session will result in a successful password change.
- **session_jwt** (string)
  `Required if session_token not present` Session jwt to identify the user by. Only a valid session will result in a successful password change. 


## Responses
### 200
OK

#### Body: application/json (object)
- **session** (object)

- **user_id** (string)



[Powered by Bump.sh](https://bump.sh)