Auth0 Home Blog Docs

Password reset direct from rule

If I have a simple rule like so: Check last password reset

How can I force this to auto redirect to the Auth0 reset password page without going through an email process? I’ve looked and looked how to do this but maybe I’m missing something obvious?

Many thanks!

Hi @jgmellon,

I don’t think you want to do this, at least without some careful security analysis.

Using the password reset flow, e-mail and all, requires the user to have access to their e-mail, proving who they are.

If you take them directly to the page, this changes the flow.

This would require security analysis to make sure it is what you want.

Having said that, I think you can just get a password reset ticket from the management API and redirect to it, but I have never tried that.

John