I am trying to implement a use-case where a user forgot his password and clicks on “password reset” on our website. Next thing, he enters his email address and we’re using the
endpoint to send an email with a verify link to him. This works and he receives the email. The email contains a link back to our website with a ticket in the query parameter, like so:
Upon clicking this link, the user gets to our website and is prompted to enter his email and come up with a new password. Therefore now we have:
- a ticket
- the email address
- a new password
However, I cannot find any documentation what to do with these pieces of information. I would have assumed there is an auth0 api endpoint that lets me change the password using the ticket as a one-time-valid authorization. Can someone push me into the right direction as to how to proceed from there?