Using the Auth0 SDK for Web reference for changing password for a user: https://auth0.com/docs/libraries/auth0js/v9#password-reset-requests
The following example requests a password change for a non-existent user (example@example.com) is not a known email address to our auth0 domain. Looks like this:
Request:
fetch('https://merittian.auth0.com/dbconnections/change_password', {
credentials: 'omit',
headers: {
'auth0-client': '***',
'content-type': 'application/json',
},
referrer: 'https://apply.merittian.com/reset',
referrerPolicy: 'no-referrer-when-downgrade',
body: {
client_id: '***',
email: 'example@example.com',
connection: 'Username-Password-Authentication',
},
method: 'POST',
mode: 'cors',
});
Response:
Status Code: 200
Response: We've just sent you an email to reset your password.
Auth0 Logs (Failed Change Password Request):
{
"date": "2019-03-12T20:35:24.284Z",
"type": "fcpr",
"description": "User does not", // this is the response I expected with whatever appropriate status code
"connection": "Username-Password-Authentication",
"connection_id": "***",
"client_id": "***",
"client_name": "Merittian",
"ip": "***",
"user_agent": "Other 0.0.0 / Other 0.0.0",
"details": {
"body": {
"tenant": "merittian",
"client_id": "***",
"connection": "Username-Password-Authentication",
"email": "example@example.com",
"verify": true,
"debug": false
}
},
"user_id": "",
"user_name": "example@example.com",
"strategy": "auth0",
"strategy_type": "database",
"log_id": "***",
"isMobile": false
}