Last Updated: Sep 5, 2024
Overview
Back to Application button does not appear when a Reset Password Email is invalidated by issuing a new Reset Password Ticket.
Steps to reproduce the issue:
-
Create a password reset ticket #1 using the following payload:
{ "email": "existing@user.com", "ttl_sec": 1, "connection_id": "con_XXX", "mark_email_as_verified": true }
NOTE: Set the TTL to 1 second to be able to reproduce the issue quicker.
The above request creates a password reset ticket like this:
-
Navigate to the password reset link and note that the Back to Application button is visible. Leave this tab open.
-
On a new tab, Create a new password reset ticket (#2) for the same user.
-
Navigate to the second password reset link and then go back to the previous one, and see the Back to Application button is no longer there. Instead, there’s a button redirecting back to the Tenant’s login URL or no button at all.
Applies To
- Reset Password Ticket
- Reset Password Email
- Back to Application button
Solution
This is expected behavior.
When a new ticket is created, older tickets of the same type are deleted for the given user. There is no information about that specific ticket, therefore, the button cannot be rendered. Instead of the Back to My App option, there’s a new button that redirects back to the Tenant’s Default Login URI.
If the Tenant Login URI is not set, no button will be displayed.