Hi Dan,
Thanks for your response. Unfortunately this thread does not cover the issue. When I request a reset-ticket via the management API, there is no notion of an application. Hence setting a default login URI for any application has no effect on the link the API generates. The default login URI only works when a user enters the password reset flow by clicking on forgot password on the login screen (to which he was re-directed from a specific app). Somehow the token that is generated in this scenario does contain the information to what application it belongs.
Thanks,
Fabio