Function ory_client::apis::v0alpha2_api::submit_self_service_settings_flow

pub async fn submit_self_service_settings_flow(
    configuration: &Configuration, 
    flow: &str, 
    x_session_token: Option<&str>, 
    submit_self_service_settings_flow_body: Option<SubmitSelfServiceSettingsFlowBody>
) -> Result<SelfServiceSettingsFlow, Error<SubmitSelfServiceSettingsFlowError>>

Use this endpoint to complete a settings flow by sending an identity’s updated password. This endpoint behaves differently for API and browser flows. API-initiated flows expect application/json to be sent in the body and respond with HTTP 200 and an application/json body with the session token on success; HTTP 302 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set; HTTP 400 on form validation errors. HTTP 401 when the endpoint is called without a valid session token. HTTP 403 when selfservice.flows.settings.privileged_session_max_age was reached or the session’s AAL is too low. Implies that the user needs to re-authenticate. Browser flows without HTTP Header Accept or with Accept: text/_* respond with a HTTP 302 redirect to the post/after settings URL or the return_to value if it was set and if the flow succeeded; a HTTP 302 redirect to the Settings UI URL with the flow ID containing the validation errors otherwise. a HTTP 302 redirect to the login endpoint when selfservice.flows.settings.privileged_session_max_age was reached or the session’s AAL is too low. Browser flows with HTTP Header Accept: application/json respond with HTTP 200 and a application/json body with the signed in identity and a Set-Cookie header on success; HTTP 302 redirect to a fresh login flow if the original flow expired with the appropriate error messages set; HTTP 401 when the endpoint is called without a valid session cookie. HTTP 403 when the page is accessed without a session cookie or the session’s AAL is too low. HTTP 400 on form validation errors. Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor (happens automatically for server-side browser flows) or change the configuration. If this endpoint is called with a Accept: application/json HTTP header, the response contains the flow without a redirect. In the case of an error, the error.id of the JSON response body can be one of: session_refresh_required: The identity requested to change something that needs a privileged session. Redirect the identity to the login init endpoint with query parameters ?refresh=true&return_to=<the-current-browser-url>, or initiate a refresh login flow otherwise. security_csrf_violation: Unable to fetch the flow because a CSRF violation occurred. session_inactive: No Ory Session was found - sign in a user first. security_identity_mismatch: The flow was interrupted with session_refresh_required but apparently some other identity logged in instead. security_identity_mismatch: The requested ?return_to address is not allowed to be used. Adjust this in the configuration! browser_location_change_required: Usually sent when an AJAX request indicates that the browser needs to open a specific URL. Most likely used in Social Sign In flows. More information can be found at Ory Kratos User Settings & Profile Management Documentation.