Password Reset Not Sent After Enabling Bot Detection for Password Reset Flows on Classic Universal Login

Overview

After enabling the Bot Detection feature for the Password Reset flows while using Classic Universal Login, password reset emails are not being sent, and there are no errors in the logs. This article explains a potential cause and resolution.

Applies To

  • Classic Universal Login
  • Bot Detection
  • Password Reset Flows

Cause

An older version of the auth0.js lock library is being used when using a “Custom Login Page” (Classic Universal Login).

This can be seen on the line that has the following format:

<script src="https://cdn.auth0.com/js/lock/11.33.0/lock.min.js"></script>

Solution

Modify the version to the latest one by changing the line of code inside the custom HTML for the Login Page to:

<script src="https://cdn.auth0.com/js/lock/13.0/lock.min.js"></script>

See the latest version of the auth0.js lock library on this Auth0 GitHub page.