How to use "password reset API"?

ntkt · September 6, 2018, 7:22am

I’m Japanese.
So maybe my English is bad.
Sorry.

I want to use “password reset API” in Auth0.
However, I can’t.

Using PHP7 and Guzzle.

$data = [
    'form_params' => [
        'client_id' => 'CLIENT_ID',
        'result_url' => 'http://localhost/password_reset/confirm',
        'connection_id' => 'CONNECTION_NAME',
        'email' => 'MAIL@ADDRESS',
        'ttl_sec' => 0,
    ],
    'header' => [
        'content-type' => 'application/json',
    ]
];


$result = $this->Guzzle->guzzleRequest('POST', https://API_NAME.auth0.com/api/v2/tickets/password-change, $data);

It’s returned {"statusCode":401,"error":"Unauthorized","message":"Missing authentication"}.

I can’t understand how to use this API…
Please help me.

Thank you!

john.gateley · September 6, 2018, 2:06pm

Hi Ntkt,

You must authenticate to the API.

I would suggest first trying this using the management API explorer:

You must first set the API token (the button in the upper left part of the screen).

It is this token that you are missing in your code, but try with the explorer first to be sure you understand.

John

ntkt · September 7, 2018, 5:50am

Thank you for your reply, John!

I tried to use the API " /api/v2/tickets/password-change",
but it returned {"statusCode":401,"error":"Unauthorized","message":"Invalid token","attributes":{"error":"Invalid token"}}.

First, I logged in Auth0’s management page.
And I clicked “APIs” in left side menu.

Second, I clicked “Auth0 Management API” and look " Machine to Machine Applications" tab’s page.

Finally, I turned on “Authorized” switch.

Next, I wrote this code:

$data = [
    'form_params' => [
        'grant_type' => 'client_credentials',
        'client_id' => 'CLIENT_ID',
        'client_secret' => 'CLIENT_SECRET',
        'audience' => 'https://MY_DOMAIN.auth0.com/api/v2/',
    ],
    'header' => [
        'content-type' => 'application/json'
    ]
];

// send with guzzle
$result = $this->Guzzle->guzzleRequest('POST', 'https://MY_DOMAIN.auth0.com/oauth/token', $data);

This code can get Access Token.

And I wrote this code:

$data = [
    'form_params' => [
        'client_id' => 'CLIENT_ID',
        'email' => 'mail@address',
        'connection' => 'CONNECTION_NAME',
    ],
    'headers' => [
        'content-type' => 'application/json',
        'Authorization' => 'Bearer ' . 'ACCESS_TOKEN'
    ],
];

// send with guzzle
$result = $this->Guzzle->guzzleRequest('POST', $this->_auth0PasswordResetTicketUrl, $data);

It returned {"statusCode":401,"error":"Unauthorized","message":"Invalid token","attributes":{"error":"Invalid token"}}…
Why?

Where am I wrong?

ntkt · September 10, 2018, 4:04am

I checked read:clients, read:client_keys and create:user_tickets,
then error message was changed.

{"statusCode":400,"error":"Bad Request","message":"Invalid request payload JSON format"}

Maybe It authorized, but I can’t understand this passage.
How to fix?

I wrote this code:

$data = [
    'form_params' => [
        'client_id' => 'CLIENT_ID',
        'email' => 'mail@address',
        'connection' => 'CONNECTION_NAME',
    ],
    'headers' => [
        'content-type' => 'application/json',
        'Authorization' => 'Bearer ' . 'ACCESS_TOKEN'
    ],
];

// send with guzzle
$result = $this->Guzzle->guzzleRequest('POST', $this->_auth0PasswordResetTicketUrl, $data);

konrad.sopala · August 20, 2019, 9:55am

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?