I would like to know how can I implement a rule “force reset password” redirecting the user to the auth0 login page with a custom message.
I was trying some stuff, like:
Redirect to the login page
I was redirecting to the login page with an Unauthorized error, but since auth0 keeps the user session alive, it creates a “too_many_redirections” because soon as the request hits the login page, it will automatically try a new login. It only destroys the session if the user accesses the logout app URL.
Redirect to the reset password token URL
It just doesn’t work, when I used a redirect to this URL inside the rule, the state token in the query string, somehow breaks the URL.