changeCustomerPassword mutation
Use the changeCustomerPassword mutation to change the password for the logged-in customer.
To return or modify information about a customer, Magento recommends you use customer tokens in the header of your GraphQL calls. However, you also can use session authentication.
Syntax
mutation: {changeCustomerPassword(currentPassword: String! newPassword: String!) {Customer}}
Example usage
The following call updates the customer’s password.
Request:
1
2
3
4
5
6
7
8
9
mutation {
changeCustomerPassword(
currentPassword: "roni_cost3@example.com"
newPassword: "roni_cost4@example.com"
) {
id
email
}
}
Response:
1
2
3
4
5
6
7
8
{
"data": {
"changeCustomerPassword": {
"id": 1,
"email": "roni_cost@example.com"
}
}
}
Input attributes
The changeCustomerPassword mutation requires the following inputs:
| Attribute | Data Type | Description |
|---|---|---|
currentPassword |
String | The customer’s current password |
newPassword |
String | The customer’s new password |
Output attributes
The changeCustomerPassword mutation returns the customer object.
The following table lists the top-level attributes of the customer object. See the customer query for complete details about this object.
| Attribute | Data Type | Description |
|---|---|---|
addresses |
CustomerAddress | An array containing the customer’s shipping and billing addresses |
allow_remote_shopping_assistance |
Boolean! | Indicates whether the customer has enabled remote shopping assistance |
compare_list |
CompareList | The contents of the customer’s comparison list |
created_at |
String | Timestamp indicating when the account was created |
date_of_birth |
String | The customer’s date of birth. In keeping with current security and privacy best practices, be sure you are aware of any potential legal and security risks associated with the storage of customers’ full date of birth (month, day, year) along with other personal identifiers, such as full name, before collecting or processing such data. |
default_billing |
String | The ID assigned to the billing address |
default_shipping |
String | The ID assigned to the shipping address |
dob |
String | Deprecated. Use date_of_birth instead. The customer’s date of birth |
email |
String | The customer’s email address |
firstname |
String | The customer’s first name |
gender |
Int | The customer’s gender (Male - 1, Female - 2) |
group_id |
Int | Deprecated. This attribute is not applicable for GraphQL. The group assigned to the user. Default values are 0 (Not logged in), 1 (General), 2 (Wholesale), and 3 (Retailer) |
id |
Int | Deprecated. This attribute is not applicable for GraphQL. The ID assigned to the customer |
is_subscribed |
Boolean | Indicates whether the customer is subscribed to the company’s newsletter |
lastname |
String | The customer’s family name |
middlename |
String | The customer’s middle name |
orders(filter CustomerOrdersFilterInput, currentPage = 1 Int, pageSize = 20 Int) |
[CustomerOrders] | A list of the customer’s placed orders |
prefix |
String | An honorific, such as Dr., Mr., or Mrs. |
return(uid: ID!) |
Return | Gets details about the specified return request |
returns(pageSize: Int = 20 currentPage: Int = 1) |
Returns | Information about the customer’s return requests |
reviews(pageSize: Int = 20 currentPage: Int = 1) |
ProductReviews! | The list of reviews of the product |
reward_points |
[RewardPoints] | Details about the customer’s reward points |
suffix |
String | A value such as Sr., Jr., or III |
taxvat |
String | The customer’s Tax/VAT number (for corporate customers) |
wishlist |
Wishlist! | Deprecated. Use wishlist_v2 instead. Contains the contents of the customer’s wish lists |
wishlist_v2(id ID!) |
[Wishlist]! | Retrieve the specified wish list identified by the unique ID for a Wishlist object |
For B2B, company administrators and users can have the following attributes.
| Attribute | Data Type | Description |
|---|---|---|
job_title |
String | The job title for a B2B company user |
requisition_lists (pageSize = 20 Int, currentPage = 1 Int, filter RequisitionListFilterInput) |
RequisitionLists | Contains the customer’s requisition lists |
role |
CompanyRole | The role name and permissions assigned to the company user |
status |
CompanyUserStatusEnum | Indicates whether the company user is ACTIVE or INACTIVE |
team |
CompanyTeam | The team the company user is assigned to |
telephone |
String | The phone number of the company user |
Errors
| Error | Description |
|---|---|
The current customer isn't authorized. |
The customer’s token does not exist in the oauth_token table. |
Invalid login or password. |
The password specified in the currentPassword argument is not valid. |
Specify the "currentPassword" value. |
The password specified in the currentPassword argument is empty. |
Specify the "newPassword" value. |
The password specified in the newPassword argument is empty. |
The account is locked. |
The customer’s password cannot be changed because the account is locked. |