You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
data.email not used for "forgot password" workflow anymore
Description
Until v1.25.0 the "forgot password" workflow used the custom data.email from the DB table "users" if there was no identity email set. This is described as an expected feature: https://fusionauth.io/docs/v1/tech/apis/users/#start-forgot-password-workflow
Beginning with v1.26.0 this doesn't work anymore and results in an HTTP error when using the FusionAuth Java client library:
status=422: Field errors: {}, General errors: [], Exception: -
Affects versions
1.26.0
1.26.1
1.27.0
Steps to reproduce
Steps to reproduce the behavior:
Create a user without an identity email address, but with an custom data.email
Switch to "Customizations -> Email Templates"
Click on "send test mail" at the "forgot password" template.
Start typing the username you created before. It will show up a completion where you can see the user's name.
Click "Send" multiple times. The first time it prints an error message, the second time it additionally prints "EMail sent".
Verify that no email was sent / received to the data.email address.
Expected behavior
The email is sent to the user's email address from his custom data section. In the following example to marcus.krassmann@somewhere.else.localhost:
Are you able to use the user.email value for the email address instead? If not, can you describe your use case and this may help us identify a good way forward.
We use the data.email field because the email addresses are not always unique between different users. Some of our users have trust accounts for other clients, so there's more than one user per email address.
There is another follow-up problem:
If we try implementing the email sending logic in our own application, we still cannot use "Start the forgot password workflow using an API key" because we get HTTP response code 422 if no email is set. This is also true if the request body contains the property "sendForgotPasswordEmail": false.
Thanks for the feedback and use case details @mcs.
We are doing some additional internal review of this issue, and if we reverse this decision it will be out in the next patch or release. Thanks for your patience!
data.email not used for "forgot password" workflow anymore
Description
Until v1.25.0 the "forgot password" workflow used the custom data.email from the DB table "users" if there was no identity email set. This is described as an expected feature:
https://fusionauth.io/docs/v1/tech/apis/users/#start-forgot-password-workflow
Beginning with v1.26.0 this doesn't work anymore and results in an HTTP error when using the FusionAuth Java client library:
Affects versions
1.26.0
1.26.1
1.27.0
Steps to reproduce
Steps to reproduce the behavior:
Expected behavior
The email is sent to the user's email address from his custom data section. In the following example to
marcus.krassmann@somewhere.else.localhost
:Platform
The text was updated successfully, but these errors were encountered: