I am looking for a way to create a custom reset forgot password page. By default flow when a user initiates the process of forgetting a password, he receives an email with the link which contains a ticket ID. I believe that auth0 somehow identifies a user by that ticket id. In my case, if a user initiates the forgot password process, how can I identify a user? I suppose I should change URL in the email template to custom one, but I doubt regarding how to identify a user who wants to change the password?
Sure, but I think that’s not what I am looking for. I want users to reset their passwords on my custom page, which will be hosted on my website, not auth0.
Creating a password change ticket will trigger sending an email with the link to auth0 reset password page, right?
Are you looking to provide this functionality in authenticated or Un-authenticated space? For authenticated space, it’s simply an update user call from Management API.
For unauthenticated space sending email is easy and best approach. But if you don’t want to send email for password reset. You may need to determine how can you Identify a real user(using personal info combine with OTP), that is the biggest question.
I would like to send emails to users with the link, but I would like that link to point to my custom website-based page. How do you think what parameters are possible to set to such a link to let me identify a user on my website-base page?