Hello if an user change his password all of his refresh tokens revoked. to better user experience not forcing relogin in current using device the https://fusionauth.io/docs/v1/tech/apis/users#change-a-users-password gives one time password to relogin in server side to access new refresh and access tokens without notifying user that's fine non mfa enabled users. If two factor authentication enabled user change his password then server side relogin with one time password to access new refresh and access tokens gives status 242 require Complete Two Factor Authentication how to bypass this step without totp
Latest posts made by jogiprasadpakki
-
Bypass two factor authentication without twoFactorTrustId
-
RE: Email verification not working with api
I misunderstood there are two api for
-
One for verify application level email verify by
https://fusionauth.io/docs/v1/tech/apis/registrations#verify-a-user-registration -
Another for verify tenet level email verify api
https://fusionauth.io/docs/v1/tech/apis/users#verify-a-users-email
-
-
RE: Email verification not working with api
@dan
Iam tested also in 1.18.5 same 404 error message -
Email verification not working with api
I am used api to create users when i need to verify user email by api
https://fusionauth.io/docs/v1/tech/apis/registrations#verify-a-user-registration
not working.
When application level verify email working, but verify tenent user with
http://localhost:9011/api/user/verify-registration/si-R7tOTG5eFtiK1GUKJ4EOUUKIWah7sNHPvawJ8wYQ
gives 404 code. i set X-FusionAuth-TenantId header also
this is screen shot
https://drive.google.com/file/d/1bpmv0L5zeDDixPe4hXcnX0ScJVxgsU3E/view?usp=sharing -
Check password reset link expiry or not
I am using api to reset password from the documentation
https://fusionauth.io/docs/v1/tech/apis/users#start-forgot-password-workflow from this i need to send reset id and new password after that it show success or fail if resetid expiry. Is any way to check rest id is valid or not without showing reset form