Redirect the user to a different URI for the forgot password flow

  • Hi,

    I want to send users who login to url A and users to forgot their password and reset it to url B.

    How can I do this with FusionAuth? It appears that everyone is set to the first redirect_uri for the application.

  • I think the simplest solution is to modify the link helper macro in the theme. This macro looks like this by default:

    [#macro link url extraParameters=""]
    <a href="${url}?tenantId=${(tenantId)!''}&client_id=${(client_id?url)!''}&nonce=${(nonce?url)!''}&redirect_uri=${(redirect_uri?url)!''}&response_mode=${(response_mode?url)!''}&response_type=${(response_type?url)!''}&scope=${(scope?url)!''}&state=${(state?url)!''}&timezone=${(timezone?url)!''}&${(!''}&metaData.device.type=${(metaData.device.type?url)!''}${extraParameters!''}&code_challenge=${(code_challenge?url)!''}&code_challenge_method=${(code_challenge_method?url)!''}&user_code=${(user_code?url)!''}">

    What we want to do is modify the redirect_uri in certain cases. In this case, we know that the url will have the value /password/forgot so we can put an if statement in there:

    [#macro link url extraParameters=""]
    [#if url == "/password/forgot"]
    [#assign redirect_uri=""]

    You'll also need to:

    • create the page that lives at url B ( in this example). It won't be hosted by FusionAuth.
    • add url B to the list of Authorized Redirect URLs in your OAuth configuration.

    That should work. There are some other alternatives, however. If you generate the "Forgot password" page without a client_id, you won't end up logged in after a password reset. Instead you'll end up at the "OAuth password complete" page, which you can design in the theme editor.

    More about themes.