Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.dubupay.com/llms.txt

Use this file to discover all available pages before exploring further.

This page covers two endpoints that operate on the currently authenticated merchant’s own account: one to retrieve your profile and one to change your password. Both require a valid Bearer token or API key.

GET /auth/me

Fetch the full profile for the authenticated merchant. Use this endpoint to display account information in your dashboard, check KYC status, or confirm account state at any point in your session.

Endpoint

GET https://api.dubupay.com/api/v1/auth/me
Authentication required. Include Authorization: Bearer <access_token> or X-Api-Key: <key>.

Response

HTTP 200 OK on success.
success
boolean
true when the profile was retrieved successfully.
data
object
The merchant profile object.

Example

curl https://api.dubupay.com/api/v1/auth/me \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
Response 
{
  "success": true,
  "data": {
    "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
    "business_name": "Acme Trading Ltd",
    "email": "owner@acmetrading.com",
    "is_verified": true,
    "is_active": true,
    "kyc_status": "PENDING",
    "personal_kyc_status": "PENDING",
    "country": null,
    "created_at": "2024-11-01T09:00:00.000Z"
  }
}

PATCH /auth/me/password

Change the password on your merchant account. You must supply the correct current password — the API verifies it before applying the change. After a successful password change, all existing refresh tokens for your account are immediately revoked. You will need to log in again to obtain new tokens.

Endpoint

PATCH https://api.dubupay.com/api/v1/auth/me/password
Authentication required. Include Authorization: Bearer <access_token> or X-Api-Key: <key>.

Request body

current_password
string
required
Your current account password. The API verifies this against the stored hash before making any changes.
new_password
string
required
The new password you want to set. Must be at least 8 characters.

Response

HTTP 200 OK on success.
success
boolean
true when the password was changed successfully.
message
string
Confirmation message: "Password changed successfully".

Example

curl -X PATCH https://api.dubupay.com/api/v1/auth/me/password \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  -d '{
    "current_password": "SuperSecret123",
    "new_password": "EvenMoreSecret456"
  }'
Response 
{
  "success": true,
  "message": "Password changed successfully"
}

After changing your password

Your current refresh token is revoked immediately. You must call POST /auth/login with your new password to obtain a fresh token pair. Any other devices or sessions using the old refresh token will also be signed out.

Error responses

EndpointStatusCodeDescription
Both401UNAUTHORIZEDNo valid token or API key provided.
PATCH /me/password400WRONG_PASSWORDcurrent_password is incorrect.
PATCH /me/password400Validation errornew_password is missing or fewer than 8 characters.
Both404NOT_FOUNDThe merchant account was not found (should not occur in normal usage).