You can initiate a forgot password journey either when a user clicks on that user journey link in the
/authorize screen, or you can take a user directly to that form by passing in a URL.
Integrating the forgot password screen via a URL requires further configuration. Here's how to do it.
When configuring the forgot password request, there is a set of required parameters, described below. There are also additional parameters that can be part of the request depending on the business rules.
https://id.eu.nextreason.com/ forgot-password? redirect_uri=https%3A%2F%2Fappauth-js.dev.nextreason.cloud%2Fapp%2Fredirect.html &client_id=pnxf3up7tae8mbhzb9dbpbcmfbx32qjp &response_type=code &state=SWMsxiZSaa &scope=openid &response_format=openid &ui_locales=en-US
In this example above, the base domain is
About base domains
Your base domain will be customized for your integration and for enterprise customers will be customized for your site name or brand name. If you don't know your base domain, please contact your Next Reason integration consultant.
The following parameters must be included on every request.
|Configures the URL the user is redirected after a successful authentication.|
Important note: this URL must be included in the
|ID used to authenticate the API call. This client must be configured with the |
|Value that determines the authorization processing flow to be used, including what parameters are returned from the endpoints. We only support authorization code flow which means the only acceptable parameter is: |
Typically for applications, Cross-Site Request Forgery (CSRF, XSRF) mitigation is done by cryptographically binding the value of this parameter with a browser cookie. This value is required on every call, but the hosted service does not use this value in any way, it is solely for use by the application.
Doing so, the application can check and evaluate the value of the state parameter if it is correct or meets a specified criteria then perform expected actions or user journeys on the application-side.
|OpenID Connect requests must contain the |
Scope values used that are not understood by an implementation should be ignored.
The following parameters are optional.
|Set the language to be displayed in the screen. Session cookie will save the locale setting sent for the first time, if this parameter is not present the latest language saved will be used to display the screen. It allows multiple locales and in case there's no configuration for the first one, it searches for the second one and so on.|
See Localization for list of supported locales and the accepted values.
Updated 6 months ago