Update User Password

Hi all,

I’m currently using free subscription.

I’m using Update User API to allow my user to change their password. Once they did that, I can see a “Success Change Password” in Auth0 Log.
Unfortunately the user can’t login with neither their new password or old password.

The workaround would be I locate User by email from Auth0 User module then apply Change Password action.

I had no issue with my staging tenant but not production tenant

Please help.

Would you be able to share a sanitised API call you’re making to the /users endpoint?

{
  "date": "2019-01-09T11:21:29.725Z",
  "type": "scp",
  "description": "You can now login to the application with the new password.",
  "connection": "Username-Password-Authentication",
  "connection_id": "***",
  "client_id": "***",
  "client_name": "N/A",
  "ip": "127.0.0.1",
  "user_agent": "unknown",
  "details": {
    "body": {
      "tenant": "*****",
      "client_id": "***",
      "user_id": "5c35c4631f9dc0764b73560d",
      "connection": "Username-Password-Authentication",
      "email": "*****@gmail.com",
      "newPassword": "*****",
      "verify": false
    }
  },
  "user_id": "auth0|*****",
  "user_name": "****@gmail.com",
  "strategy": "auth0",
  "strategy_type": "database",
  "log_id": "90020190109112129725770339721333597139713366941063184434"
}

Above is logs details and below is code:

    const response = await request.patch(`https://${auth.auth0.domain}/api/v2/users/${userId}`, 
{      headers: {        'content-type': 'application/json',        authorization: `Bearer ${tokenInfo.access_token}`,    
  },      
body: {        password,        
connection: 'Username-Password-Authentication',      },      json: true,    });

I able simulate the issue with staging tenant by perform getTokenInfo (/oauth/token) follow by update user password (/user/id) within a expressjs API call

The reason I do this is to allow user change their password by entering old password follow by new/confirm password.

Any idea why this happened

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.