div
strong
🔨 In Development
 — This section is still being developed and may change.

Request a password reset (alias for `/password/reset`).

Sends a 4-digit verification code to the user's email if the account exists. For security, always returns success regardless of whether the email exists to prevent email enumeration.

## Request Body

**`email`** string required

The email address associated with the account.

## Security Features

- Generic response prevents email enumeration
- Rate limiting: 1 request per minute per email
- Time-limited codes: 5 minutes expiry
- Automatic cleanup of expired codes


## Returns

Returns a success response. If the account exists, a 4-digit verification code is sent via email.


```bash cURL
curl -X POST https://api.aitronos.com/v1/auth/password/forgot \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com"
  }'
```


```python Python
import requests

response = requests.post(
    "https://api.aitronos.com/v1/auth/password/forgot",
    json={"email": "user@example.com"}
)
result = response.json()
```


```javascript JavaScript
const response = await fetch(
  'https://api.aitronos.com/v1/auth/password/forgot',
  {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      email: 'user@example.com'
    })
  }
);
const result = await response.json();
```

## Response


```json
{
  "success": true,
  "message": "If an account exists with this email, a verification code has been sent"
}
```