Last Updated: Dec 13, 2024
Overview
The redirection after a password change using Universal Login depends on several factors. This article details the password change redirect behavior.
Applies To
- Password Change Redirects
- Redirect URL
Cause
The redirect URI that the user is directed to after a successful password reset can come from multiple sources. This depends on whether New Universal Login or Classic Universal Login is used, whether a password change ticket is generated directly via the Management API or sending a password change email via the Authentication API, from the login page, or other.
If there is no redirect or no button is seen on the password reset confirmation page, then it is likely not set.
The following flow chart will help as a guide toward the appropriate place to set the redirect URI, depending on the configuration.
Solution
The URL the user is redirected to after a Password Reset varies according to how the reset flow was initialized and what parameters are passed. To address this, make sure the redirect URL is being passed according to the given use case.
Password Reset Ticket issued by Management API
- Redirects to result_url passed in the body of the request to create the ticket.
- If no result_url is passed but client_id is, it will default to the Application’s Default Login URL.
- If client_id is not present, it will redirect to Tenant’s Default Login URL.
Password Reset via Email
- Redirects to the RedirectTo field in the Password Change Email Template.
- If no RedirectTo is passed but client_id is, it will default to the Application’s Default Login URL.
- If client_id is not present, it will redirect to Tenant’s Default Login URL.
The diagram below shows how the Password Reset redirection flow works.
Related Video
