Password Reset Emails Not Received

Overview

This article explains why users might not receive emails when invited to an organization or when a password reset is requested. This issue occurs even when other email communications from the system are delivered successfully.

Applies To

  • Password Reset Emails

Cause

The failure to receive emails can stem from several issues:

  1. Email provider configuration problems, such as a non-verified email address. This issue is common with services like Amazon Simple Email Service (SES) or SendGrid.
  2. Incorrect use of the Management API password reset ticket endpoint. This endpoint generates a ticket link but does not automatically send an email. For correct usage and further details, refer to the article Create a password change ticket.
  3. Attempts to reset a password for unsupported connection types, such as Social, Enterprise, or Passwordless connections.
  4. Entry of an email address that does not exist in the database, often due to a typographical error. Even if the system displays a “Check Your Email” message, the password reset email is not sent to a non-existent address.
  5. The ‘Change Password’ email template is disabled. This template cannot be deactivated through the Dashboard UI but can be disabled using the Management API. The current settings can be retrieved with a GET request to the /api/v2/email-templates/reset_email endpoint to check if enabled is set to false. If disabled, a PATCH request to this same endpoint can set enabled to true.

Solution

To ensure password reset emails are correctly triggered when using API methods, or to clarify the functionality of different password-related endpoints:

  • To Send a Password Reset Email Programmatically:
    • Utilize the Auth0 Authentication API endpoint documented under Change Password.
    • Make a POST request to this endpoint as detailed in the official Auth0 documentation. This action is designed to send a password reset email directly to the user. This method serves as an alternative to the user-initiated Forgot password link in Universal Login.
  • Understanding the Management API’s Create a password change ticket Endpoint:
    • This Management API endpoint does not send an email.
    • Its primary function is to generate a ticket URL that enables a password reset.
    • This functionality is intended for custom password reset flows where the organization is responsible for delivering the generated ticket URL to the user through a communication channel outside of Auth0’s automated email system.
1 Like