> For the complete documentation index, see [llms.txt](https://api-documentation.autoshares.dev/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://api-documentation.autoshares.dev/rest-api/trading-api/password-reset/2.-retrieve-the-secret-question.md). # 2. Retrieve the Secret Question ## Introduction Depending on the configuration of your company, users may either be forced to specify a secret question-answer pair during registration or not. If a user does not have to answer the secret question, this step might be skipped and you can proceed to the [third step](/rest-api/trading-api/password-reset/2.-generate-a-token-for-a-new-password.md). If the user does need to answer the question, use this endpoint to retrieve the question and then go back to the endpoint from the [first step](/rest-api/trading-api/password-reset/1.-reset-traders-password.md) to provide the answer. There are three required parameters that must be provided in the request: 1. **Et-App-Key** (header). This is the unique key of your app that identifies your app when communicating with our service. Contact your administrator to get this key. 2. **API version** (path). Unless necessary, leave it at "1.0". 3. **username** (query). This is the login or the email of the user whose password ought to be reset. Here's the final template for this API request: ``` GET apiURL/v1.0/users/password/secret-question?username=hello%40autoshares.com ``` ## Response In response to this request, you will receive a JSON object containing the secret question: ```javascript { "Model": "What street did you live on in third grade?", "Errors": [], "IsSucceed": true } ``` You may then display this question to the user and prompt them to specify the answer. Next, provide their answer as the value for the `SecretQuestionAnswer` key in the request body of the [first step](/rest-api/trading-api/password-reset/1.-reset-traders-password.md). Afterward you can proceed to the [third step](/rest-api/trading-api/password-reset/2.-generate-a-token-for-a-new-password.md). ## Common Mistakes Here are some of the common mistakes that developers make when attempting to retrieve a user's secret question. ### Failing to Specify the Et-App-Key Parameter If you specify the wrong Et-App-Key parameter or fail to include it in the header altogether, you'll get the following error: ```javascript { "error": "Application key is not defined or does not exist" } ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://api-documentation.autoshares.dev/rest-api/trading-api/password-reset/2.-retrieve-the-secret-question.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.