---
title: customerResetByUrl - Storefront API
description: >
  Resets a customer's password using the reset URL from a password recovery
  email. The reset URL is generated by the
  [`customerRecover`](/docs/api/storefront/unstable/mutations/customerRecover)
  mutation.


  On success, returns the updated
  [`Customer`](/docs/api/storefront/unstable/objects/Customer) and a new
  [`CustomerAccessToken`](/docs/api/storefront/unstable/objects/CustomerAccessToken)
  for immediate authentication.


  > Caution:

  > This mutation handles customer credentials. Ensure the new password is
  transmitted securely and never logged or exposed in client-side code.
api_version: unstable
api_name: storefront
source_url:
  html: >-
    https://shopify.dev/docs/api/storefront/unstable/mutations/customerResetByUrl
  md: >-
    https://shopify.dev/docs/api/storefront/unstable/mutations/customerResetByUrl.md
---

# customer​Reset​By​Url

mutation

Requires `unauthenticated_write_customers` access scope.

Resets a customer's password using the reset URL from a password recovery email. The reset URL is generated by the [`customerRecover`](https://shopify.dev/docs/api/storefront/unstable/mutations/customerRecover) mutation.

On success, returns the updated [`Customer`](https://shopify.dev/docs/api/storefront/unstable/objects/Customer) and a new [`CustomerAccessToken`](https://shopify.dev/docs/api/storefront/unstable/objects/CustomerAccessToken) for immediate authentication.

***

**Caution:** This mutation handles customer credentials. Ensure the new password is transmitted securely and never logged or exposed in client-side code.

***

## Arguments

* password

  [String!](https://shopify.dev/docs/api/storefront/unstable/scalars/String)

  required

  New password that will be set as part of the reset password process.

* reset​Url

  [URL!](https://shopify.dev/docs/api/storefront/unstable/scalars/URL)

  required

  The customer's reset password url.

***

## Customer​Reset​By​Url​Payload returns

* customer

  [Customer](https://shopify.dev/docs/api/storefront/unstable/objects/Customer)

  The customer object which was reset.

* customer​Access​Token

  [Customer​Access​Token](https://shopify.dev/docs/api/storefront/unstable/objects/CustomerAccessToken)

  A newly created customer access token object for the customer.

* customer​User​Errors

  [\[Customer​User​Error!\]!](https://shopify.dev/docs/api/storefront/unstable/objects/CustomerUserError)

  non-null

  The list of errors that occurred from executing the mutation.

* user​Errors

  [\[User​Error!\]!](https://shopify.dev/docs/api/storefront/unstable/objects/UserError)

  non-nullDeprecated

  The list of errors that occurred from executing the mutation.

***

## Examples

* ### customerResetByUrl reference