Comments (6)
Thanks for all the help @lbalmaceda. I will try to handle this case on our application side.
from auth0-java.
The reset password endpoint, which actually just sends a reset password email to the owner, won't fail even if the email doesn't belong to a valid user. This is to prevent email enumeration. When you're doing log in instead, your IP would be blocked if you try several times with a wrong email/password combination.
from auth0-java.
Thanks for the reply @lbalmaceda!
But then how will we be able to find out whether the mail was sent successfully or not.
As the logs generated are as follows
from auth0-java.
There's no way for you to know that from the app you're calling the endpoint, no. The error you attached is that no user with that email exists so the call to the reset endpoint fails. But if for some reason the user exists and the email fails to be sent, the error you get in the dashboard would be a different one, talking about the email provider issue.
from auth0-java.
That's right if the email fails even when the user exists, then it's considerable that the error is not returned.
But in case the user doesn't exist then the call should fail and an error should be returned.
What do you think?
from auth0-java.
This is just an implementation of the Authentication API. As you can see here the endpoint itself doesn't return other than that status code 200
. I suggest you contact https://support.auth0.com and open a feature request if that's your concern.
from auth0-java.
Related Issues (20)
- Add support for Enterprise Connections show_as_button field HOT 1
- Add support for filters in LogStreams HOT 3
- Support Create/Update User Authentication Methods (Mgmt API) HOT 2
- v2 Beta Available! HOT 2
- Add possibility to specify arbitrary client_id for resetPassword method, as argument HOT 4
- Filter Users by role and metadata HOT 9
- TokenHolderDeserializer has no default (no arg) constructor HOT 4
- LogEvent doesn't have the fields returned from v2/logs endpoint. HOT 2
- RateLimitException contains wrong reset/limit and remaining information HOT 1
- use char[] instead of String for sensitive data HOT 3
- Allow exportUsers to select all users by omitting connection_id HOT 2
- Add groups and dn to User Pojo HOT 5
- Exposing a method in AuthAPI to delete MFA authenticators. HOT 3
- Invalidate remembered browsers missing from the SDK
- Library source does not match the bytecode for class AuthAPI HOT 3
- Impossible to update users from the API HOT 1
- Add `cross_origin_authentication` to the response model for the SDK
- Add roles to organization member call HOT 1
- Failed to parse log event HOT 2
- Add support for adding an MFA OOB Authenticator via the Email channel
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from auth0-java.