Best way to require users change their password every year?

What is the best way to require users to change their password once a year? I have been attempting to redirect users to the reset-password page from within an Auth0 rule that checks the last time a user changed their password. I generate the ticket number for the query string parameter using the Auth0 Management API but when I try to redirect there from the Auth0 rule, it instead takes me to a different link under the production tenant even though my rule is within the development tenant.

Is there an easier way to do this? How do you manage enforcing a password reset for your users after a certain time period?

Hi there @jasonskipper0831 welcome to the community!

As far as I’m aware using a rule is the best way to go about this - I did find a previous community post that links to a rule as a basic implementation example:

Hope this helps!

1 Like