Reset password method doesn't throw an exception when a wrong emailAddress is passed about auth0-java HOT 6 CLOSED

Thanks for all the help @lbalmaceda. I will try to handle this case on our application side.

from auth0-java.

The reset password endpoint, which actually just sends a reset password email to the owner, won't fail even if the email doesn't belong to a valid user. This is to prevent email enumeration. When you're doing log in instead, your IP would be blocked if you try several times with a wrong email/password combination.

from auth0-java.

Thanks for the reply @lbalmaceda!
But then how will we be able to find out whether the mail was sent successfully or not.

As the logs generated are as follows

from auth0-java.

There's no way for you to know that from the app you're calling the endpoint, no. The error you attached is that no user with that email exists so the call to the reset endpoint fails. But if for some reason the user exists and the email fails to be sent, the error you get in the dashboard would be a different one, talking about the email provider issue.

from auth0-java.

That's right if the email fails even when the user exists, then it's considerable that the error is not returned.
But in case the user doesn't exist then the call should fail and an error should be returned.
What do you think?

from auth0-java.

This is just an implementation of the Authentication API. As you can see here the endpoint itself doesn't return other than that status code 200. I suggest you contact https://support.auth0.com and open a feature request if that's your concern.

from auth0-java.