Auth0 Home Blog Docs

Fetching reset-password ticket on backend and redirecting user to url on frontend. Security concerns?

Hi there, as the title suggests, I’m fetching reset-password ticket on backend and redirecting user to url on the frontend. This is triggered from inside the app only when the user is logged in.

Is this considered an anti-pattern? Or is it legitimate way of doing password reset with Auth0?

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?