Hello, @dan.woda , @SaqibHussain @david_wisecarver @tyf
I have a website that uses auth0,
the problem I encountered at the moment is:
there are several users who are connected to google-auth2 and when they ask to change their password, they do not receive the change email and when I took a look at the log in the dashboard , I get an error that says the user does not exist.
So I would like to know how should I solve this problem please.
Hi @patrick-urbidesk ,
These users log in to the app only with the use of theirs google account?
If that’s the case, the password reset flow happens on the google account side (google account is the Identity Provider managing passwords and they would need to follow the instructions for the “Forgot the password” under google.accounts.com/signin).
Auth0 does not store their passwords at all (Auth0 stores them only for a database connection).
Please let us know if you have any questions!
Thank you very much @marcelina.barycka , and I would like to know how to proceed if I would like to put some sort of alert when there is an error when sending the email (forgotten password) and to put an instruction specific like: Please log in again using your google account or something like that instead of the text email sent successfully even there is an error.
Hi @patrick-urbidesk ,
I’m looking into options now and would like to ask - do you use our New Universal Login Page?
If yes, it is possible to adjust the text displayed to the user which attempts to reset their password:
To do so, please go to your Auth0 tenant → Branding → Universal Login → Advanced options → Custom text → Prompt (reset-password) to adjust the relevant section with additional information for google-connection users.
Does this work for you?
Thank you for your response but I wanted to say that this message displayed on the screenshot must be an error message when auth0 was unable to send the email. (such as the case of users who are connected via google-oauth2) but at the moment this message remains the same in case of success or in case of error
@patrick-urbidesk The password reset flow is designed in a way it does not recognize whether an email is associated with an account and a database connection or not (this is justified with security reasons).
Thus it’s more recommended to include a short explanation under the prompt I’ve sent before that ‘this email will only be sent if an account exists. Try a google connection in another case’.
Thank you very much @marcelina.barycka
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.