Feature: Action for Forgot Password Request Submitted
Description: There is no action available for the stage in the account recovery workflow where the email address has been submitted to Auth0. This action could be used for several things were it available.
Use-case: Without this action we will be challenged to make use of a system other than Auth0 for the management of the user experience templates for recovery emails since there is no way for us to programmatically be aware of–and respond to–a recovery request that has been submitted. It also makes it challenging for us to close a user experience gap that appears to exist with Auth0 in that an email address that is submitted in this workflow that is not associated with an account will not be notified that an account does not exist. Certainly we don’t want to make that notification happen in the UI, but an out of band communication (via email to the supplied address) is a solution that is reasonable from a security perspective and better than leaving the user in the dark wondering why their requested email never arrives.
If I’m misstating anything, I won’t at all be offended by being corrected.