Ready to post? First, try searching for your answer.
Hi,
I tried to trigger a reset password flow but it didn’t work and threw an error: “Something went wrong, please try again later”.
I would double-check if the connection: Username-Password-Authentication is enabled for the client application in your Auth0 tenant.
Also, please make sure the user for which you attempt to trigger the password reset is already present in the Username-Password-Authentication user pool (as you can’t reset a password for a user that doesn’t exist in a specific connection).
I hope this helps you - otherwise, let me know, and we’ll be looking further into it
I had another look into what you reported, and one thing has caught my eye:
The error log says that the password reset request failed for the "client_name": "Default App" while the screenshot shows that the Username-Password-Authentication connection is enabled for the client name: Intrepid-Auth0-Dev. These are two different client applications.
I would say this is most likely the source of error
To reiterate, enabling the Username-Password-Authentication connection for the "client_name": "Default App" on a relevant Auth0 tenant should make your request work.
I checked your suggestion but it still failed. I logged in successfully, so I guess it is not a problem because I just changed the app name (The client ID of the app has not changed).
One possible reason for this failure is the network configuration on your side.
I remember once I worked on a case where our customer’s machine, under a corporate network, could not access CDN URLs with libraries that had been utilized by the Login widget, and as a result, requests within the respective flow were malformed.
It’s hard for me to tell what exactly is happening here, as I can’t reproduce this issue under regular network settings (it works for me well). Maybe requests sent from the machine are incorrectly routed.
If you can submit a support case, please attach a HAR file there (in the Community, due to security reasons, we do not accept HAR files).
I tried to run at my office and my home but they have the same error. I have asked my colleague to run from his laptop, but the error is still there.
I have already raised the support ticket with HAR files.
I have raised a ticket for 3 days but haven’t received any support from Auth0. Could you please advise me on how to expedite the process of raising a ticket to the support team?
I checked the reset-pass flow and saw it executed the getByEmail script and a responded result:
I don’t understand why the user has a verified email but is still encountering an error when trying to reset the password. Do you know how to obtain more debug logs from Auth0 management?
I found your tenant name internally to look more into your configurations. I can see that the reset password flow runs against your external database connection because the import mode (to migrate the user to the Auth0 store) is turned off.
Because of that, I would double-check the corresponding to your custom database “Change Password” script.
For debugging, you can install and use our extension “Real-time Webtask Logs” tool
To see what’s happening in your “Change Password” script while it is being run, you can add consol.log() on each step to print the responses and inspect them via the Real-time Webtask Logs.
I used the extension that you mentioned and saw only a log at a step where Auth0 executed the getUser script (with a valid profile), and the reset password flow stopped here with the error “Something went wrong, please try again later” and I didn’t receive a reset password email, so I think my script changePassword didn’t reach. Could we have a log that shows why the flow stopped without sending a reset-password email?
I further checked that I realized that the change password script will fire once a user click on the confirmation link. Thus, you will not see any logs from the consol.log prints, as the user is not getting the link.
(I received 400 error code when calling the above URL while not having the appropriate custom database script set on my auth0 tenant).
I noticed that the ‘Change Password’ script for your custom database intends to send a new password plainly (without hashing it first).
Could you please verify if your custom database endpoint, which is responsible for receiving the new passwords, accepts plain text? Maybe you need to hash it first (and implement hashing similar to what is suggested in our example Change Password script in this doc)?
Or maybe the external database endpoint (‘…/change-password’) to receive a new password, which is specified in the script as const apiEndpoint = configuration.apiEndpoint + '/change-password', is wrong?
@phuong.le In your ‘Get User’ script, on the other hand, I noticed that you use a POST method when trying to retrieve (GET) an entry from your database (to determine if the user exists).
The ‘Get User’ script is fired first in both cases - when attempting to log in or resetting the password.