How to return both email code and Token in an API response

This topic contains 1 reply, has 2 voices, and was last updated by  Andy Cory 3 weeks, 6 days ago.

  • Author
    Posts
  • #26522
     jason.du 
    Participant

    For the password reset flow, how can i retrieve both email code and token in an API response so they can be included as part of the POST call to the emailvalidation stage in order to validate user’s email?

    Currently, we are able to retrieve only the JWT token in an API response but having issues retrieving the email code through API interaction and the code is only available as part of the url link through an email to the user.

    #26523
     Andy Cory 
    Participant

    You can’t retrieve the code though the API by design. It’s a security measure to ensure that the only way AM can get at the code is by the user who owns the email address clicking on the link containing the code, thus validating his email address.

    -Andy

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?