diff --git a/src/configuration/config.ts b/src/configuration/config.ts
index 9cc7f1d62e222b124eebb7f4acfbcbb33275000e..b6d29acca6ec81c264ea73c4c482790a914a3c36 100644
--- a/src/configuration/config.ts
+++ b/src/configuration/config.ts
@@ -17,5 +17,9 @@ export const config = {
       ejs: 'changeEmail.ejs',
       json: 'changeEmail.json',
     },
+    resetPassword: {
+      ejs: 'resetPassword.ejs',
+      json: 'resetPassword.json',
+    },
   },
 };
diff --git a/src/mailer/mail-templates/resetPassword.ejs b/src/mailer/mail-templates/resetPassword.ejs
new file mode 100644
index 0000000000000000000000000000000000000000..f632bbb4cc3b57606bd2488f333556b856cdb914
--- /dev/null
+++ b/src/mailer/mail-templates/resetPassword.ejs
@@ -0,0 +1,12 @@
+Bonjour<br />
+<br />
+Vous avez demandé une réinitialisation de votre mot de passe pour le
+<em>Réseau des Acteurs de la Médiation Numérique de la Métropole de Lyon</em>. Pour changer de mot de passe, merci de
+cliquer sur le lien suivant :
+<a
+  href="<%= config.protocol %>://<%= config.host %><%= config.port ? ':' + config.port : '' %>/users/reset-password/apply?token=<%= token %>"
+  >ce lien</a
+><br />
+Si vous n'avez pas demander de réinitiallisation de votre mot de passe, merci d'ignorer cet email.
+<br />
+Ce mail est un mail automatique. Merci de ne pas y répondre.
diff --git a/src/mailer/mail-templates/resetPassword.json b/src/mailer/mail-templates/resetPassword.json
new file mode 100644
index 0000000000000000000000000000000000000000..c5fe69522794c8f40ea20e57eb340aec8e9728f5
--- /dev/null
+++ b/src/mailer/mail-templates/resetPassword.json
@@ -0,0 +1,3 @@
+{
+  "subject": "Réinitialisation de mot de passe"
+}
diff --git a/src/users/reset-password-apply.dto.ts b/src/users/reset-password-apply.dto.ts
new file mode 100644
index 0000000000000000000000000000000000000000..7fd1ead4fe52ed3831fb8883b6fd3cbe597b8099
--- /dev/null
+++ b/src/users/reset-password-apply.dto.ts
@@ -0,0 +1,13 @@
+import { IsNotEmpty, IsString } from 'class-validator';
+import { ApiProperty } from '@nestjs/swagger';
+
+export class PasswordResetApplyDto {
+  @ApiProperty({ type: String })
+  @IsNotEmpty()
+  @IsString()
+  readonly password: string;
+  @ApiProperty({ type: String })
+  @IsNotEmpty()
+  @IsString()
+  readonly token: string;
+}
diff --git a/src/users/user.interface.ts b/src/users/user.interface.ts
index 0fe05c6f856caafb64c23ff4dfbaaa778d6b5773..84dd109cee9d506ff30248a93ade10eebe9886a2 100644
--- a/src/users/user.interface.ts
+++ b/src/users/user.interface.ts
@@ -6,5 +6,6 @@ export interface IUser extends Document {
   password: string;
   emailVerified: boolean;
   validationToken: string;
+  resetPasswordToken: string;
   role: number;
 }
diff --git a/src/users/user.schema.ts b/src/users/user.schema.ts
index abb11e91aaac1bac06d07ab6c513567b89a6791c..a37539e4df4cb2c1091f183cb125cb36ac2b976e 100644
--- a/src/users/user.schema.ts
+++ b/src/users/user.schema.ts
@@ -14,6 +14,9 @@ export class User {
   @Prop({ default: null })
   validationToken: string;
 
+  @Prop({ default: null })
+  resetPasswordToken: string;
+
   @Prop({ enum: [UserRole.admin, UserRole.user], default: UserRole.user })
   role: number;
 }
diff --git a/src/users/users.controller.ts b/src/users/users.controller.ts
index 18efa8f93224b9e4615ef5a58f2e3519e558e102..c870c5551a64a72b02f0bbc1ace87ec28e0666e1 100644
--- a/src/users/users.controller.ts
+++ b/src/users/users.controller.ts
@@ -1,8 +1,10 @@
-import { Body, Controller, Get, Param, Post, Query, Req, Request, UseGuards } from '@nestjs/common';
+import { Body, Controller, Get, Param, Post, Query, Request, UseGuards } from '@nestjs/common';
 import { ApiOperation, ApiParam, ApiResponse } from '@nestjs/swagger';
 import { JwtAuthGuard } from '../auth/guards/jwt-auth.guard';
 import { PasswordChangeDto } from './change-password.dto';
 import { CreateUserDto } from './create-user.dto';
+import { PasswordResetApplyDto } from './reset-password-apply.dto';
+import { PasswordResetDto } from './reset-password.dto';
 import { UsersService } from './users.service';
 
 @Controller('users')
@@ -44,4 +46,16 @@ export class UsersController {
       passwordChangeDto.newPassword
     );
   }
+
+  @Post('reset-password')
+  @ApiResponse({ status: 200, description: 'Email sent if account exist' })
+  public async resetPassword(@Body() passwordReset: PasswordResetDto) {
+    return this.usersService.sendResetPasswordEmail(passwordReset.email);
+  }
+
+  @Post('reset-password/apply')
+  @ApiResponse({ status: 200, description: 'Email sent if account exist' })
+  public async resetPasswordApply(@Body() passwordResetApplyDto: PasswordResetApplyDto) {
+    return this.usersService.validatePasswordResetToken(passwordResetApplyDto.password, passwordResetApplyDto.token);
+  }
 }
diff --git a/src/users/users.service.spec.ts b/src/users/users.service.spec.ts
index a0d07977efa6fbc16729fb80a2ea8c8f90fe5463..c282c4a4a91897bde5ef23002440b9d2271a7e4c 100644
--- a/src/users/users.service.spec.ts
+++ b/src/users/users.service.spec.ts
@@ -38,6 +38,7 @@ describe('UsersService', () => {
         emailVerified: false,
         email: 'jacques.dupont@mii.com',
         password: '$2a$12$vLQjJ9zAWyUwiXLeQDa6w.yazDArYIpf2WnQF1jRHOjBxADEjUEA3',
+        resetPasswordToken: null,
       };
       const userDto: CreateUserDto = { email: 'jacques.dupont@mii.com', password: 'test1A!!' };
       jest.spyOn(service, 'create').mockImplementation(async (): Promise<User> => result);
@@ -71,6 +72,7 @@ describe('UsersService', () => {
         email: 'jacques.dupont@mii.com',
         password: '$2a$12$vLQjJ9zAWyUwiXLeQDa6w.yazDArYIpf2WnQF1jRHOjBxADEjUEA3',
         role: 0,
+        resetPasswordToken: null,
       };
       const loginDto: LoginDto = { email: 'jacques.dupont@mii.com', password: 'test1A!!' };
       jest.spyOn(service, 'findByLogin').mockImplementation(async (): Promise<User> => result);
diff --git a/src/users/users.service.ts b/src/users/users.service.ts
index 60780de2bc23298b1fa36157f2e7ab1a0514461d..e9aa009ec5a438a0671978501587d591888cbfe0 100644
--- a/src/users/users.service.ts
+++ b/src/users/users.service.ts
@@ -149,4 +149,42 @@ export class UsersService {
     user.password = await this.hashPassword(newPassword);
     user.save();
   }
+
+  public async sendResetPasswordEmail(email: string): Promise<HttpException> {
+    const user = await this.findOne(email);
+    if (user) {
+      const config = this.mailerService.config;
+      const ejsPath = this.mailerService.getTemplateLocation(config.templates.resetPassword.ejs);
+      const jsonConfig = this.mailerService.loadJsonConfig(config.templates.resetPassword.json);
+
+      const token = crypto.randomBytes(64).toString('hex');
+      const html = await ejs.renderFile(ejsPath, {
+        config,
+        token: token,
+      });
+      this.mailerService.send(user.email, jsonConfig.subject, html);
+
+      // Save token
+      user.resetPasswordToken = token;
+      user.save();
+    }
+    throw new HttpException('Email sent if account exist', HttpStatus.OK);
+  }
+
+  public async validatePasswordResetToken(password: string, token: string): Promise<any> {
+    const user = await this.userModel.findOne({ resetPasswordToken: token }).exec();
+    if (user) {
+      if (!this.isStrongPassword(password)) {
+        throw new HttpException(
+          'Weak password, it must contain ne lowercase alphabetical character, one uppercase alphabetical character, one numeric character, one special character and be eight characters or longer',
+          HttpStatus.UNPROCESSABLE_ENTITY
+        );
+      }
+      user.password = await this.hashPassword(password);
+      user.resetPasswordToken = null;
+      user.save();
+      throw new HttpException('Password Reset', HttpStatus.OK);
+    }
+    throw new HttpException('Invalid token', HttpStatus.UNAUTHORIZED);
+  }
 }