diff --git a/Microservicios/MsUsuarios/Controllers/AuthController.cs b/Microservicios/MsUsuarios/Controllers/AuthController.cs
index f3c25df..20e2330 100644
--- a/Microservicios/MsUsuarios/Controllers/AuthController.cs
+++ b/Microservicios/MsUsuarios/Controllers/AuthController.cs
@@ -47,6 +47,28 @@ namespace MSAdminUsuarios.Controllers
             
         }
 
+        [HttpPost("CambiarClave")]
+        public IActionResult CambiarClave([FromBody] USUARIO us)
+        {
+            try
+            {
+                USUARIO? user = _context.USUARIOSMs.FirstOrDefault(u => us.NU_PK_USUMS == u.NU_PK_USUMS);
+
+                if (user == null) return BadRequest("Usuario no encontrado.");
+
+                string newPass = _encript.EncryptPwd(us.TX_PASSWORD_USUMS!);
+                user.TX_PASSWORD_USUMS = newPass;
+
+                _context.USUARIOSMs.Update(user);
+                _context.SaveChanges();
+
+                return Ok("Contraseña actualizada correctamente");
+            } catch (Exception e)
+            {
+                return Conflict(e.Message);
+            }
+        }
+
         [HttpPost("Proveedor")]
         public IActionResult LoginProveedores([FromBody] LoginModel login)
         {
@@ -122,6 +144,19 @@ namespace MSAdminUsuarios.Controllers
             return Ok(_encript.DecryptHashTkn(text));
         }
 
+        [HttpGet("TknCambioClave")]
+        public IActionResult ObtenerTokenCambioClave(int pkUs)
+        {
+            try
+            {
+                return Ok(TokenCambioClave(pkUs));
+            } catch (Exception e)
+            {
+                return BadRequest(e.Message);
+            }
+        }
+
+
         [AcceptVerbs("GET")]
         string Token(USUARIO user)
         {
@@ -217,6 +252,38 @@ namespace MSAdminUsuarios.Controllers
 
             return Encripter.Cypher(token);
         }
+        
+        string TokenCambioClave(int pkUser)
+        {
+            USUARIO? user = _context.USUARIOSMs.FirstOrDefault(u => pkUser == u.NU_PK_USUMS);
+            if (user == null) throw new Exception("Usuario no encontrado");
+
+            //Security key debe ser un environment variable seguro
+            var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Encripter.HashKey));
+            var signingCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);
+            
+
+            ClaimsIdentity claims = new ClaimsIdentity(new List<Claim>
+                {
+                    new Claim("user", user.TX_PKDOC_USUMS),
+                    new Claim("loginName", user.TX_LOGINNAME_USUMS),
+                    new Claim("pk", user.NU_PK_USUMS.ToString())
+                });
+
+
+            var securityTokenDescriptor = new SecurityTokenDescriptor
+            {
+                Subject = claims,
+                Expires = DateTime.Now.AddMinutes(20),
+                SigningCredentials = signingCredentials
+            };
+
+            var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
+            var securityToken = jwtSecurityTokenHandler.CreateToken(securityTokenDescriptor);
+            var token = jwtSecurityTokenHandler.WriteToken(securityToken);
+
+            return Encripter.Cypher(token);
+        }
 
     }
 
