# Request password recovery

Step 1 of password recovery for unauthenticated users: sends a recovery code to the account email. Accepts either email or username as the login identifier. Must NOT be authenticated - returns error if called with an active session. Rate limited to prevent abuse.

Endpoint: POST /api/v1/accounts/password/recover
Version: 1.0
Security: 

## Request fields (application/json):

  - `login` (string, required)
    Email or username
    Example: "user@gmail.com or john_smith"

## Response 400 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation

## Response 404 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation


