Access request parameters in post reset password action

flybrother · May 31, 2023, 7:18am

Hi Auth0 Community,
Our scenario is about sending invitations (we create account for an user and send reset password link) rather than allowing an user to sign up. On the first reset password attempt we would like to gather some information like e.g first name, last name.
For the purpose we’re trying to use custom template for reset password page with some additional inputs (GitHub - auth0/auth0-custom-password-reset-hosted-page: An example on how to do a custom reset password hosted page.) to pass some parameters in reset password request (lo/reset endpoint). After that we want to use post change password action trigger (Post Change Password Flow) with Management API call to update user properties (this part is working). However we are having hard time to pass custom parameters to post change password trigger context. It’s basically not visible there. Is this even possible to do? If not could you please suggest some other solution?

logs:

Success Change Password (/lo/reset request):

{
  "title": "Change Password",
  "email": "EMAIL",
  "body": {
    "_csrf": "6hTPDE4L-vsK6BL61iU2egD5C7ma6Qv33m5I",
    "ticket": "E6sjZ9rlOmiwnfV3ivFRJGSZsEEkHi7x",
    "email": "EMAIL",
    "newPassword": "PASS",
    "confirmNewPassword": "PASS",
    "customName": "customName", // here
    "params": {
    "customName": "customName" // and here
     }
  },
  "query": {
    "user_id": "USER_ID",
    "email": "EMAIL",
    "username": null,
    "newPassword": null,
    "tenant": "TENANT",
    "client_id": "CLIENT_ID",
    "connection": "Username-Password-Authentication",
    "resultUrl": null,
    "markEmailAsVerified": true,
    "includeEmailInRedirect": false
  }
}

No ‘customName’ parameter avaiable in event object in post change password trigger action:

/**
* Handler that will be called during the execution of a PostChangePassword flow.
*
* @param {Event} event - Details about the user and the context in which the change password is happening.
* @param {PostChangePasswordAPI} api - Methods and utilities to help change the behavior after a user changes their password.
*/
exports.onExecutePostChangePassword = async (event, api) => {
    console.log(`EVENT: ${JSON.stringify(event)}`);
    console.log(`API: ${JSON.stringify(api)}`);

  var ManagementClient = require('auth0@2.9.1').ManagementClient;
  var auth0 = new ManagementClient({
    token: event.secrets.TOKEN,
    domain: event.request.hostname
  });

  const userData = {
    // @ts-ignore
    given_name: event.request.customName,
    family_name: '123'
};

  const params = { id: event.user.user_id };


  auth0.updateUser(params, userData, function (err, user) {
    if (err) {
      // Handle error.
      console.log(err);
    }
    console.log(user);
  });

};

konrad.sopala · January 8, 2024, 12:47pm

Hey there!

As this topic is related to Actions and Rules & Hooks are being deprecated soon in favor of Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!

Learn more here!