diff --git a/middleware/primary_resource_logic/reset_token_queries.py b/middleware/primary_resource_logic/reset_token_queries.py index dd81385d..620314b0 100644 --- a/middleware/primary_resource_logic/reset_token_queries.py +++ b/middleware/primary_resource_logic/reset_token_queries.py @@ -95,25 +95,18 @@ def change_password_wrapper( db_client: DatabaseClient, dto: UserPutDTO, access_info: AccessInfoPrimary, - user_id: int, ): - - if int(user_id) != access_info.user_id: - FlaskResponseManager.abort( - code=HTTPStatus.UNAUTHORIZED, message="Invalid token for user." - ) + user_id = access_info.user_id # Check if old password is valid # get old password digest - db_password_digest = db_client.get_password_digest(user_id=access_info.user_id) + db_password_digest = db_client.get_password_digest(user_id=user_id) matches = check_password_hash(pwhash=db_password_digest, password=dto.old_password) if not matches: FlaskResponseManager.abort( code=HTTPStatus.UNAUTHORIZED, message="Incorrect existing password." ) - set_user_password( - db_client=db_client, user_id=access_info.user_id, password=dto.new_password - ) + set_user_password(db_client=db_client, user_id=user_id, password=dto.new_password) return message_response( message="Successfully updated password.", ) diff --git a/resources/UserProfile.py b/resources/UserProfile.py index 4851136e..4f7773bf 100644 --- a/resources/UserProfile.py +++ b/resources/UserProfile.py @@ -27,7 +27,7 @@ USER_PROFILE_DATA_REQUEST_ENDPOINT_FULL = f"/api/user/{DATA_REQUESTS_PARTIAL_ENDPOINT}" -@namespace_user.route("//update-password") +@namespace_user.route("/update-password") class UserUpdatePassword(PsycopgResource): @endpoint_info( @@ -38,7 +38,7 @@ class UserUpdatePassword(PsycopgResource): success_message="Password successfully updated.", ), ) - def post(self, access_info: AccessInfoPrimary, user_id: int) -> Response: + def post(self, access_info: AccessInfoPrimary) -> Response: """ Allows an existing user to update their password. 
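Review bot: The new `db_password_digest = db_client.get_password_digest(user_id=user_id)` is handed straight to `check_password_hash`, so if that lookup can return None (an account with no local password digest) the request dies with an unhandled exception instead of the 401 the following branch produces; a guard before the hash check would keep the failure path uniform, e.g. `if db_password_digest is None: FlaskResponseManager.abort(code=HTTPStatus.UNAUTHORIZED, message="Incorrect existing password.")`. Whether the digest can be null is not visible here, so confirm against `get_password_digest` before adding it. The `def` line sits in the hunk header and the signature begins outside the hunk; since the target account now comes only from `access_info`, a one-line docstring such as `"""Change the password of the authenticated user named by access_info after verifying dto.old_password."""` would record why the `user_id` parameter was dropped.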
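Review bot: The docstring under the new `def post(self, access_info: AccessInfoPrimary) -> Response:` still reads only "Allows an existing user to update their password." and does not say which user; now that the path carries no id, stating that the target is the caller identified by `access_info` makes the omission visibly deliberate. Suggested wording: `Allows the authenticated user to update their own password; the target account is taken from access_info, not from the request.` The rest of the method body lies outside the hunk.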
@@ -52,7 +52,6 @@ def post(self, access_info: AccessInfoPrimary, user_id: int) -> Response: wrapper_function=change_password_wrapper, schema_populate_parameters=SchemaConfigs.USER_PUT.value.get_schema_populate_parameters(), access_info=access_info, - user_id=user_id, ) diff --git a/tests/helper_scripts/helper_classes/RequestValidator.py b/tests/helper_scripts/helper_classes/RequestValidator.py index 4af2d526..dabe653b 100644 --- a/tests/helper_scripts/helper_classes/RequestValidator.py +++ b/tests/helper_scripts/helper_classes/RequestValidator.py @@ -448,13 +448,12 @@ def get_agency( def update_password( self, headers: dict, - user_id: int, old_password: str, new_password: str, expected_response_status: HTTPStatus = HTTPStatus.OK, ): return self.post( - endpoint=f"/api/user/{user_id}/update-password", + endpoint=f"/api/user/update-password", headers=headers, json={"old_password": old_password, "new_password": new_password}, expected_response_status=expected_response_status, diff --git a/tests/integration/test_user.py b/tests/integration/test_user.py index 37b89e64..47c6be75 100644 --- a/tests/integration/test_user.py +++ b/tests/integration/test_user.py @@ -10,11 +10,11 @@ from conftest import test_data_creator_flask, monkeysession -def test_user_put( +def test_update_password( test_data_creator_flask: TestDataCreatorFlask, ): """ - Test that PUT call to /user endpoint successfully updates the user's password and verifies the new password hash is distinct from both the plain new password and the old password hash in the database + Test that PUT call to endpoint successfully updates the user's password and verifies the new password hash is distinct from both the plain new password and the old password hash in the database """ tdc = test_data_creator_flask 
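Review bot: `endpoint=f"/api/user/update-password",` is an f-string with no placeholders now that `{user_id}` is gone; use a plain literal, `endpoint="/api/user/update-password",`, which is what linters expect (ruff F541 flags the current form). The `update_password` helper's argument list continues past the end of the hunk.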
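Review bot: The renamed test's docstring says "Test that PUT call to endpoint successfully updates ..." but the resource method under test is `post` and the helper calls `self.post`, and the edited sentence also lost the path; make it `Test that a POST to /api/user/update-password successfully updates the user's password and verifies the new password hash is distinct from both the plain new password and the old password hash in the database` so the docstring matches the request actually sent. The test body continues beyond the hunk.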
@@ -24,12 +24,10 @@ def test_user_put( def update_password( old_password: str, - user_id: str = tus.user_info.user_id, expected_response_status: HTTPStatus = HTTPStatus.OK, ): return tdc.request_validator.update_password( headers=tus.jwt_authorization_header, - user_id=user_id, old_password=old_password, new_password=new_password, expected_response_status=expected_response_status, @@ -39,7 +37,6 @@ def update_password( tus_other = tdc.standard_user() update_password( old_password=tus_other.user_info.password, - user_id=tus_other.user_info.user_id, expected_response_status=HTTPStatus.UNAUTHORIZED, )
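Review bot: The negative case at the end of the hunk now sends the caller's own JWT with `tus_other`'s password and expects UNAUTHORIZED, which exercises the wrong-old-password branch rather than the former cross-user id check; a comment saying so would stop a reader from concluding the cross-user protection was dropped, e.g. `# No user id can be supplied anymore: the target is always the token's owner, so another user's password is just a wrong old password.` It may also be worth asserting afterwards that `tus_other` still authenticates with its original password, to pin that the other account was untouched. The nested `update_password` helper and the test function begin outside the hunk.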