Hi Auth0 team.,
I only need the auth0 API to create a custom authentication procedure in my app; everything else will be handled by our firewall.
The issue is that I want the API to update the password from the database, and I also need to know what the payload for that API will be. To reset the password, I receive an email, which I customise to reroute it to my application URL.
Additionally, I don’t want customize widget of auth0 to manage everything; our firewall will take care of it.
I tried a number of APIs to reset the password, but none of them worked.
- https://${AUTH0_DOMAIN}/u/reset-password/change?state=${ticket}
- https://${AUTH0_DOMAIN}/u/reset-verify
- https://${AUTH0_DOMAIN}/dbconnections/change_password
Hello @Shailesh-WA! Welcome to the community
Auth0 does support changing the password from the database. I found a few docs that hopefully answer the questions you’re asking.
Please let me know if these help, if not, reply and we can figure it out.
Best,
Alex
2 Likes
Hiii @alex.brett
Thanks for you prompt response.
This won’t work in my scene as far as I can tell because when I try to use Change user’s Password, I get the reset password email in my mail. The second point is also for receiving the reset email link in the mail, and the final point helps me find some more updating points in the user data table.
However, I’m worried about changing the password using an API in my own user interface, So I tried the last way, and I also succeeded. However, when I looked at the register user’s raw JSON, I discovered that there was no password key in the JSON, so how could I change the password there?
So my point is that who could i change the password if there is no password key in the raw JSON of user data.
One other thing I’d like to mention is that I need a token to change the user data, therefore when I reset the password using the forget password link, how do I acquire the user’s token without logging in?
Hello @Shailesh-WA!
Using the Management API, you should be able to directly set the password of a user without needing the password in the user JSON or without an access token. The test I did was using very basic examples so please let me know if there are settings I should configure. Here are some docs on changing a password directly.
Thank you for your response, if this doesn’t work or I’m missing something, please let me know!
Best,
Alex
1 Like
Hello @alex.brett
Thanks for your references about password changing method but i want the API for changing or resetting the password
In very simple term when i click on the reset password link in email which i get from the auth0 provider you can see the below image for the reference
I need to redirect it to my custom domain where I can enter the password and change it from the database.
After setting a new password, I need to contact the auth0 API to ensure that the password is correctly changed for that particular person.
My biggest concern was whether it was feasible to change the password this way or not.
