Forgot password link in customized login page

I customized the login page, however I do not know what href or action url use to redirect users to password reset page. Neither I see it in documentation. I tried using an href directly in the link and it says that tenant param is missing. After that I made a form in a function for the onClick event of the element, but it returns 404.
This is the last very basic way I tried:

function submitForm() {
    if (typeof config !== 'undefined' && config.clientID) {
        const clientId = config.clientID;

        const tenant = config.auth0Tenant;

        const form = document.createElement("form");
        form.method = "POST";
        form.action = `https://${tenant}.us.auth0.com/lo/reset`;

        const tenantField = document.createElement("input");
        tenantField.type = "hidden";
        tenantField.name = "tenant";
        tenantField.value = tenant;
        form.appendChild(tenantField);

        const clientIdField = document.createElement("input");
        clientIdField.type = "hidden";
        clientIdField.name = "client_id";
        clientIdField.value = clientId;
        form.appendChild(clientIdField);

        document.body.appendChild(form);
        form.submit();

    }
}

:roll_eyes:
I read in other questions that setting ‘Content-Type’: ‘application/x-www-form-urlencoded’ could work however this is the default type in a post request, so I tried with a fetch request to try that and error was what I received. :sweat:
I just need that users click on forgot password link and then they see the password reset window :pray:

Hi @laynier.piedra,

Welcome to the Auth0 Community!

If you are using the New Universal Login page, your users should be able to click on the forgot password option to trigger a password reset email sent to their email address.

However, if you prefer to send the user a password reset email instead, you could make a POST request to the /dbconnections/change_password endpoint.

POST https://{yourDomain}/dbconnections/change_password
Content-Type: application/json
{
  "client_id": "{yourClientId}",
  "email": "EMAIL",
  "connection": "CONNECTION",
  "organization": "ORGANIZATION_ID"
}

(Reference: Authentication API Explorer)

Thanks,
Rueben

:roll_eyes: How do you access user email from there? @@coonfig@@ var does not have it

{
“client_id”: “{yourClientId}”,
“email”: “EMAIL”,
“connection”: “CONNECTION”,
“organization”: “ORGANIZATION_ID”
}

Hi @laynier.piedra,

If you call the /dbconnections/change_password endpoint, you must supply the user’s email address yourself.

When using Lock in the customized login page, you can get the email address if it was passed in the login_hint query parameter. Then you can do something like:

email: loginHint

Let me also add that you can implement the forgot password link using the allowForgotPassword option. See Lock Configuration Options.

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.