Hi, I’m sorry for the silly question but I can’t seem to find informations on the Auth0 documentation.
Right now we are using Auth0 for the login flow, and we’d like to use it also for the reset password.
One of my colleagues says that Auth0 requires us to expose an unprotected endpoint used by Auth0 to set the new user passwords, but I find it difficult to believe anybody would ever agree to do that.
Reading the password reset documentation, I see the suggested approach is the interactive password reset flow, which sends a reset email to the user, with an URL inside that will then allow the user to set a new password.
What I can’t find is, how do I let Auth0 set the new password into my database? I’m quite sure it’s gonna call an endpoint with a JWT token I can verify to make sure the request is authenticated, but where can I read technical details and documentation on how to implement this endpoint?
I’m using Node.js on the server side.