Unable to stop redirect after successful password reset flow

dee.lalwani

Hey,

We’re having some issues in our password rest flow, once the user completes the password reset flow they are automatically logged into the application via PKCE as the state is replayed.

We’ve removed the client_id from the url in the email and are still experiencing the same issue. We want users to end up on /password/complete.

I’ve taken a look at steps here posted by @dan:
https://fusionauth.io/community/forum/topic/366/prevent-redirect-after-forgot-password-flow

Are they out out date?

dee.lalwani

@dee-lalwani @dan
Should I make a github issue? would that be the best course of action ?

dan

@dee-lalwani Hmmm. That is almost a 2 year old post, so things could definitely have changed.

I might scan the release notes for relevant changes: https://fusionauth.io/docs/v1/tech/release-notes

Either way, if you see behavior that is different, you can open a feature request. We rank future work in a variety of ways, but popular feature requests from the community are definitely high on the list.

FYI, providing step by step repro steps for this feature would be most helpful, as well as your current version.

You could also spin up a version from Sep 2020, maybe Version 1.19.8, and see if it has the behavior you want.