Auth0 Home Blog Docs

Fetching reset-password ticket on backend and redirecting user to url on frontend. Security concerns?

Hi there, as the title suggests, I’m fetching reset-password ticket on backend and redirecting user to url on the frontend. This is triggered from inside the app only when the user is logged in.

Is this considered an anti-pattern? Or is it legitimate way of doing password reset with Auth0?