The Loginapp REST password reset API allows end-users to reset their own passwords. The service is typically accessed by the end-user via a Forgot password? link on the login page. It is configured as a public self-service flow.
The API is publicly accessible. Special consideration regarding user enumeration and security, in general, is therefore essential.