Admin should be able to gain the password-change-information stored in the database via an API.