Forgot password link in customized login page

laynier.piedra · November 26, 2024, 9:13pm

I customized the login page, however I do not know what href or action url use to redirect users to password reset page. Neither I see it in documentation. I tried using an href directly in the link and it says that tenant param is missing. After that I made a form in a function for the onClick event of the element, but it returns 404.
This is the last very basic way I tried:

function submitForm() {
    if (typeof config !== 'undefined' && config.clientID) {
        const clientId = config.clientID;

        const tenant = config.auth0Tenant;

        const form = document.createElement("form");
        form.method = "POST";
        form.action = `https://${tenant}.us.auth0.com/lo/reset`;

        const tenantField = document.createElement("input");
        tenantField.type = "hidden";
        tenantField.name = "tenant";
        tenantField.value = tenant;
        form.appendChild(tenantField);

        const clientIdField = document.createElement("input");
        clientIdField.type = "hidden";
        clientIdField.name = "client_id";
        clientIdField.value = clientId;
        form.appendChild(clientIdField);

        document.body.appendChild(form);
        form.submit();

    }
}

I read in other questions that setting ‘Content-Type’: ‘application/x-www-form-urlencoded’ could work however this is the default type in a post request, so I tried with a fetch request to try that and error was what I received.
I just need that users click on forgot password link and then they see the password reset window

rueben.tiow · November 26, 2024, 11:01pm

Hi @laynier.piedra,

Welcome to the Auth0 Community!

If you are using the New Universal Login page, your users should be able to click on the forgot password option to trigger a password reset email sent to their email address.

However, if you prefer to send the user a password reset email instead, you could make a POST request to the /dbconnections/change_password endpoint.

POST https://{yourDomain}/dbconnections/change_password
Content-Type: application/json
{
  "client_id": "{yourClientId}",
  "email": "EMAIL",
  "connection": "CONNECTION",
  "organization": "ORGANIZATION_ID"
}

(Reference: Authentication API Explorer)

Thanks,
Rueben

laynier.piedra · November 27, 2024, 7:12pm

How do you access user email from there? @@coonfig@@ var does not have it

{
“client_id”: “{yourClientId}”,
“email”: “EMAIL”,
“connection”: “CONNECTION”,
“organization”: “ORGANIZATION_ID”
}

rueben.tiow · December 5, 2024, 12:05am

Hi @laynier.piedra,

If you call the /dbconnections/change_password endpoint, you must supply the user’s email address yourself.

When using Lock in the customized login page, you can get the email address if it was passed in the login_hint query parameter. Then you can do something like:

email: loginHint

Let me also add that you can implement the forgot password link using the allowForgotPassword option. See Lock Configuration Options.

Thanks,
Rueben

system · January 13, 2025, 6:57pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to create a "Forgot Password"/"Reset Password" link when using Universal Login BUT with Customize Login Page Get Help password-reset , forgot-password	6	95933	December 17, 2019
Password Reset Link? Get Help login-experience , new-universal-login-experience	2	4701	June 21, 2023
How to change forget password url in universal login page Get Help classic-universal-login-experience , login-experience	4	1882	October 25, 2023
How to open Universal Login Page to Forgot Password? Get Help	4	4870	December 15, 2020
Send Password reset link with Verification email Get Help password-reset , management-api , verification-email	2	6917	April 29, 2021

Forgot password link in customized login page

Related topics