Process
The password reset process is basically devided into three parts.
Step 1 - Trigger "I-Forget-My-Password"-Token
First, the API has to be called (http://api.erecruiter.net/Help/Api/POST-Api-Applicant-RequestPassword_email_url_culture)
...
and has to be handled by the applicant portal.
Step 2 - Test Token and load Applicant Profile
When the applicant navigates to that link, the applicant can be loaded by the generated token. At this point, the portal is either able to continue with Step 3 directly, or perform an early test of the token to retrieve the applicant profile using the email-address and the generated token. The profile can be loaded with the following request (http://api.erecruiter.net/Help/Api/GET-Api-Applicant_email_code)
...
This request succeeds for the duration, the token is valid. Currently for it is valid for 2 days.
Step 3 - Actual change of password
This step contains the actual change of the password. Therefore, the following API Request (http://api.erecruiter.net/Help/Api/POST-Api-Applicant-SetPassword) can be executed
...