the scenario is i want to add while resetting password some other fields like first name and last_name
and want send request to my server to create a new record with this user_id
A few questions to get some more context: why not ask for the first and last name during sign up / registration, why at password reset?
And the second requirement: you want to create user_id entry when a user resets his password at Auth0, but not already at registration? Can you give a bit more context about the use case, because it sounds very uncommon.
Note that you could already ask for firstname and lastname via additional fields in the Lock:
https://auth0.com/docs/libraries/lock/v11/configuration#additionalsignupfields-array-
If you really want to set the additional fields during password reset, it’s best to use your own custom password reset page (hosted on your end) and just call the Management API from there with any additional logic.
how he will get auth0 token after change password
if i did that how to make him login after change password
i mean i will send the user link with the backend token to change the password
after he did that supposed to be login again not to be prompted to enter his name and password
At the time when the user is resetting his password / changing his password, is he already logged into your application / does he have an active session at that point, (and a valid access token)?
Does your application provide the user with a function to change his password within the user area for logged in users? Trying to understand why/when you send the password reset link to the user. Is it because a user really forgot his password, or because he wants to change his password by himself (within a currently valid session / while being logged into your application already).