I was asked this question today about some of our login UI that are internal only and thus only have our federated employee connection enabled. All regular password-based user database connections have been disabled for this Application. For some reason the password reset link still shows on the Universal Login page for these applications, and more confusingly it worked to initiate the reset email, even though ultimately the link goes to an error message, due to these apps not having any password-based connections enabled. Is there a way to disable showing the password reset link for these kind of apps? I’m surprised that this isn’t already the default behaviour.
Hi @ttylin, and welcome to the Auth0 Community!
The Forgot password link can be disabled for the Universal Login by calling the “PATCH /api/v2/connections/{id}}” Management API endpoint with options.disable_self_service_change_password set to true. Please check out this Knowledge Article for a detailed guide.
I hope this helps you solve the use case!
Sincerely,
Teodor.