Feature: Fix or explain why password resets seem to be tied to organizational membership
Description:
When a user attempts to reset their password then being invited to an organization no reset email is ever sent.
in the logs we see a Failed Change Password Request. because “User does not exist or user is not part of organization”.
Why would being part of the organization have anything to do with password resets?
Use-case:
In the usecase that a user is invited to a organization and they forgot their password, they are presented a link to reset that password. However when they try to perform that operation they receive no email.
In our personal usecase: [which we thought we had tested and was working]
We want to invite a user to an organization via a u/p connection. They would get the invite link, reset their password, which we assume would create an account and then be able to continue on accepting the invite, adding them to the organization.
We also ran into this as well where: https://support.auth0.com/help/s/article/Is-it-possible-to-implement-an-invitation-flow-using-Auth0-organizations-while-disabling-sign-up-on-a-connection
I don’t want to go into too much detail here on what exactly we are doing but I believe that the first use case should be sufficiently common.