Invalid Link email redirect

I am passing the client_id and organization_id when creating a management ticket to change password. The user is properly routed back to the application as Auth0 reroutes them to the initiate_login_uri with the organization_id / name in the query parameters.

However, when a user tries to use the same reset password link and the “Invalid Link” page is displayed, the back button redirect does not pass any query parameters besides the iss to the initiate_login_uri. Is there an additional setting for this?

Hi @jpalacios,

I have reached out internally to confirm what the expected behavior is with the query parameters and the back button on the “Invalid Link” page. I will update you when I hear back!

Thanks,

Mary Beth

Hi @jpalacios,

The product manager I am working with on this asked if I could open up a ticket to the Engineering team about this issue for them to investigate further. I have just submitted that and will keep you updated on its progress!

Thanks,

Mary Beth


@jpalacios,

Could you kindly provide some steps to reproduce? The Engineer is trying to replicate this and doesn’t get the “Invalid Link” page to appear. He gets a “Link Expired” page instead. Screenshots or code snippets of how you are generating this ticket will be helpful!

Thanks,

Mary Beth

Hello! Thanks for looking into this.

I think the Invalid Link / Link Expired page might be the same as we are overriding some of the template fields:

    "reset-password-error": {
        "descriptionUsed": "This link has already been used. To reset your password, return to the login page and select \"Forgot Your Password\" to send a new email.",
        "eventTitleExpired": "Link Expired",
        "eventTitleGeneric": "Invalid Link",
        "eventTitleUsed": "Invalid Link",

But it is on this page where the back button no longer contains the query parameters necessary.

For generation of the ticket:

    ticket := &management.Ticket{
        Email:               auth0.String(email),
        OrganizationID:      auth0.String(auth0OrgID),
        ConnectionID:        auth0.String(connectionID),
        ClientID:            auth0.String(clientID),
        TTLSec:              auth0.Int(oneDaySeconds), // one day
        MarkEmailAsVerified: auth0.Bool(true),
    }

    err := g.auth0Manager.Ticket.ChangePassword(ctx, ticket)

I attached two screenshots, the first of which shows hovering over the back button after successfully changing the password. In this you can see the organization parameters are filled. The second shows that only this iss field is being populated.

To reproduce, use the same email link again given by the management ticket.


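An added example (not code from the posters or from Auth0) of how the application's initiate_login_uri handler can decide its next redirect so that the iss-only request described in this thread does not dead-end, while still treating the query string as untrusted. The `organization` parameter name is an assumption about what Auth0 appends; the tenant URL, client ID, callback URL and the `/select-organization` route are constructed placeholders.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
)

// Constructed placeholders, not values from the thread.
const (
	expectedIssuer = "https://tenant.example.auth0.com/"
	authorizeURL   = "https://tenant.example.auth0.com/authorize"
	clientID       = "EXAMPLE_CLIENT_ID"
	callbackURL    = "https://app.example.com/callback"
	orgPickerPath  = "/select-organization" // hypothetical application route
)

var errBadIssuer = errors.New("login initiation: unexpected iss")

// nextLoginStep returns where the initiate_login_uri handler should send the
// browser. q is the received query string; state is a fresh per-request value.
func nextLoginStep(q url.Values, state string) (string, error) {
	// The query string is untrusted input: accept only our own issuer.
	if q.Get("iss") != expectedIssuer {
		return "", errBadIssuer
	}
	org := q.Get("organization") // assumed parameter name
	if org == "" {
		// Only iss arrived (the error-page back button case): ask for the org.
		return orgPickerPath, nil
	}
	v := url.Values{}
	v.Set("response_type", "code")
	v.Set("client_id", clientID)
	v.Set("redirect_uri", callbackURL)
	v.Set("scope", "openid profile email")
	v.Set("state", state)
	v.Set("organization", org) // Encode() escapes the value
	return authorizeURL + "?" + v.Encode(), nil
}

func main() {
	iss := url.QueryEscape(expectedIssuer)
	for _, raw := range []string{"iss=" + iss + "&organization=org_EXAMPLE", "iss=" + iss} { // constructed
		q, _ := url.ParseQuery(raw)
		fmt.Println(nextLoginStep(q, "constructed-state"))
	}
}
```
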

@jpalacios,

Thank you so much for all of this information!! I’ve passed it along to the Engineer for their review.

Best,

Mary Beth