Password reset always fails with "Your password reset code has expired or is invalid."
-
I recently upgraded from an old FusionAuth version around 1.19 to 1.40.2. Because it is a one node installation, I also changed the search from elastic to database (PostgreSQL).
Everything went smoothly, but since the upgrade the password reset (and the setup password) links always show a "Your password reset code has expired or is invalid" error.I've updated the email templates to include the new query params:
[#setting url_escaping_charset="UTF-8"] [#assign url = "https://my.fusionauth.url/password/change/${changePasswordId}?client_id=${(application.oauthConfiguration.clientId)!''}&tenantId=${user.tenantId}" /] [#list state!{} as key, value][#if key != "tenantId" && key != "client_id" && value??][#assign url = url + "&" + key?url + "=" + value?url/][/#if][/#list] ${url}which results in an URL looking like this:
https://my.fusionauth.url/password/change/<some_code>?client_id=<some_id>&tenantId=<some_id>&metaData.device.name=macOS%20Chrome&metaData.device.type=BROWSER&redirect_uri=https%3A%2F%2Fmy.fusionauth.url%2Ftorii%2Fredirect.html&response_type=code&state=<some_state>&timezone=Europe%2FBerlinThings I have tried/checked:
- Updated the email templates (see above)
- Checked if the clock/time on the FusionAuth server is in sync with NTP
- Increased the "External identifier durations" for "Change password" and "Setup password" to 24 hours (86400 seconds)
- Tested with different applications, accounts, browsers, and operating systems
- Checked the logs (nothing to see there)
What else could be the reason, and how can I fix this? Any help is appreciated.
-
Got the right answer in the Slack channel – I needed to update the theme templates too
-
J joshua moved this topic from General Discussion on
-
J joshua marked this topic as a question on
-
J joshua has marked this topic as solved on