Password reset and email verification links removed from tenant logs

joey-nsure · December 10, 2023, 8:53am

Just received this email:

We are deprecating the functionality that logs plaintext Password Reset and Email Verification links within tenant logs. These links are created upon the creation of a Password Reset and Email Verification ticket using the Management API endpoints ('api/v2/tickets/password-change' or '/api/v2/tickets/email-verification').


Password Reset and Email Verification links will be removed from tenant logs as of February 5, 2024.

Will this affect the actual behavior of the password reset/email verification processes? Will users still be able to perform these operations and receive a corresponding email?

marcelina.barycka · December 11, 2023, 3:06pm

Hi @joey-nsure , welcome to Auth0!

No, the change is only about removing the mentioned links from the Monitoring → Logs section to reduce the presence of them to the required minimum (security reasons).

Definitely.

For more info or to provide feedback on that, please take a look - Action Required: Password reset and email verification links removed from tenant logs

system · December 25, 2023, 3:06pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.