> ## Documentation Index
> Fetch the complete documentation index at: https://docs.vos.verolabs.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Đặt mật khẩu mới sau khi khôi phục tài khoản

> Đặt mật khẩu mới sau khi khôi phục tài khoản



## OpenAPI

````yaml openapi.oms.vi.json POST /api/auth/recovery/reset-password
openapi: 3.0.3
info:
  title: VOS OMS Public API
  version: 1.0.0
  description: >-
    Public REST API surface for Vero OMS. Authentication requests use
    platform.verolabs.co. REST API requests use api-oms.verolabs.co.
servers:
  - url: https://platform.verolabs.co
    description: Authentication host
  - url: https://api-oms.verolabs.co
    description: REST API host
security: []
tags:
  - name: Authentication
    description: Xác thực tài khoản và khôi phục mật khẩu.
  - name: Trading
    description: Order entry, quote, IOI, and trading activity APIs.
  - name: Portfolio & Risk
    description: Accounts, holdings, mappings, and risk-rule read APIs.
  - name: Administration
    description: Permissions, groups, workflow, reference data, and audit APIs.
  - name: System & Diagnostics
    description: Health and latency endpoints.
paths:
  /api/auth/recovery/reset-password:
    post:
      tags:
        - Authentication
      summary: Đặt lại mật khẩu đã khôi phục
      description: >-
        Đặt mật khẩu mới sau khi xác minh mã. Gửi cookie phiên khôi phục do yêu
        cầu xác minh trả về. Phản hồi thành công cũng trả về phiên đã xác thực.
      operationId: post_api_auth_recovery_reset_password
      requestBody:
        required: true
        description: Mật khẩu mới của tài khoản.
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthRecoveryResetRequest'
      responses:
        '200':
          description: Mật khẩu đã được đặt lại và phiên đang hoạt động
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthLoginResponse'
        '400':
          $ref: '#/components/responses/AuthError'
        '401':
          $ref: '#/components/responses/AuthError'
        '502':
          $ref: '#/components/responses/AuthError'
      servers:
        - url: https://platform.verolabs.co
components:
  schemas:
    AuthRecoveryResetRequest:
      type: object
      properties:
        password:
          type: string
          minLength: 1
          description: Mật khẩu mới của tài khoản Vero OMS.
      required:
        - password
      description: Yêu cầu đặt mật khẩu mới sau khi xác minh mã khôi phục.
      additionalProperties: false
    AuthLoginResponse:
      type: object
      properties:
        sessionToken:
          type: string
          description: >-
            Session token returned after authentication. Store it securely for
            session refresh and logout.
        jwt:
          type: string
          description: Bearer JWT returned for REST API calls.
        session:
          $ref: '#/components/schemas/AuthSession'
        identity:
          $ref: '#/components/schemas/AuthIdentity'
        tokenizedSession:
          $ref: '#/components/schemas/AuthSession'
      required:
        - sessionToken
        - jwt
        - session
        - tokenizedSession
      description: AuthLoginResponse schema.
    AuthSession:
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for the record.
        active:
          type: boolean
          description: Indicates whether the session is active.
        authenticated_at:
          type: string
          format: date-time
          description: Timestamp when the session was authenticated.
        expires_at:
          type: string
          format: date-time
          description: Timestamp when the session expires.
        devices:
          type: array
          items:
            $ref: '#/components/schemas/AuthSessionDevice'
          description: Devices associated with the authenticated session.
        identity:
          $ref: '#/components/schemas/AuthIdentity'
        tokenized:
          type: string
          description: Bearer JWT issued for REST API calls.
      description: >-
        Session object. The `tokenized` field is the Bearer JWT used for API
        calls.
      additionalProperties: true
    AuthIdentity:
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for the record.
        traits:
          type: object
          additionalProperties: true
          description: Account attributes returned with the authenticated session.
      description: Account identity returned by the authenticated session.
      additionalProperties: true
    AuthError:
      type: object
      properties:
        error:
          type: string
          description: Machine-readable error code or error category.
        message:
          type: string
          description: Human-readable error message.
        status:
          type: integer
          format: int32
          description: Status value returned by the API.
      required:
        - error
        - message
        - status
      description: AuthError schema.
    AuthSessionDevice:
      type: object
      properties:
        ip_address:
          type: string
          description: IP address reported for the session device.
        location:
          type: string
          description: Location metadata reported for the session device.
        user_agent:
          type: string
          description: User agent reported for the session device.
      description: AuthSessionDevice schema.
  responses:
    AuthError:
      description: Authentication error
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AuthError'

````