diff --git a/docs/API.md b/docs/API.md index 9889f4f..ffd2f09 100644 --- a/docs/API.md +++ b/docs/API.md @@ -13,7 +13,7 @@ Endpoints protected with `requireAccessToken` middleware: - `GET /auth/me`: Get own user's data -> `userResponse` DTO (user ID, username, admin status, and timestamps of creation and last update) - `POST /auth/logout`: Logout the current user -> Cookie that replaces the refresh token with one that expires immediately -- `PUT /auth/owner/`: Update password of the current user with `old_password` and `new_password` -> HTTP 204 response +- `PUT /auth/owner/`: Update password of the current user with `old_password` and `new_password` -> Cookie with a new refresh token and response with access token and updated user data - `DELETE /auth/owner/`: Delete the current user (as the owner) with `password` -> HTTP 204 response and cookie that replaces the refresh token with one that expires immediately - `GET /auth/admin/all`: As an administrator, list all users stored in the system (adjustable with pagination URL parameters) -> Array of `userResponse` DTOs - `DELETE /auth/admin/{userID}`: As an administrator, delete a specific user -> HTTP 204 response
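Review bot: The added `PUT /auth/owner/` line drops the HTTP status that the old line gave (`HTTP 204 response`) and does not name the response body type, while the neighbouring entries name the `userResponse` DTO or a status code. Please state the status returned now that there is a body, and name the DTO that carries the access token and updated user data. The line also does not say what happens to refresh tokens issued before the password change. Since the endpoint now hands out a new refresh token, the entry should say whether the previous ones are invalidated, so that clients and reviewers know if a password change ends other sessions.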