Can anyone help me to make Forgot Password in User Management system to reset the password with sending link on email.
Thanks
Related
We have custom policies with KMSi support. We have a requirement to store username/password to on client's browser so that once KMSI is expired, user dont have enter username/pass.
Is there a way to support this?
Thanks
Only the user can choose to do that if their browser supports it.
I am using Microsoft Azure authentication for user Login ,
After login of user there is change password section in my application where user provide his current password and new password so my query is
Is there is any Api(Graph) to GET Current Password for that user OR Any API(Graph) through which we authenticate current Password which provided by user
Is there any other scenario which help me to authenticate current password which was given by user while changing password
Or any other way to get current password for that user
thanks
There is no way to get the current password for users.
It would be a massive security vulnerability and imply they store them insecurely.
There is a way to authenticate a user like that, but it won't work if the user has e.g. MFA.
I would suggest a different approach.
Check how old the authentication is (id token has the time it was issued).
If it is older than, say, 15 minutes, require the user to authenticate with AAD (prompt=login).
You can also require MFA for the login if you know all your users use it.
Then they should be able to give a new password, which you can then set with Graph API.
So instead of making a call to check the current password, require a fresh ID token and rely on AAD to check the user credentials.
Also, the users should be able to change it themselves already as written in docs: https://learn.microsoft.com/en-us/azure/active-directory/user-help/active-directory-passwords-update-your-own-password
In Cognito, is there any way where I can allow a user (Account status: External provider) to create a password for their account and do login using username and password.
I am using a Hosted UI.
Consider a case where a user logged in using the Google sign-in method and the user pool has a user entry. I have given the user a preferred username and email options to sign in. but since it does not have a password yet, the user should be able to reset their password using forgot password method.
But I get the error "User password cannot be reset in the current state."
Can you please suggest if there is any method or workaround for this.
Thanks.
You cannot create a password for an EXTERNAL_PROVIDER user.
The password is handled directly by your provider and Cognito Hosted UI only retrieve the user fields you previously mapped in the configuration.
If you try to change the password of your user connected by Google, you will get the following error :
User is not authorized to change password.
Because the password can only be changed with the provider.
I've configured Gitlab CE 10.6 with OmniAuth and a CAS server that authenticates against two Active Directories and a users db. The login process is working fine to make the automatic signup, etc... now, i've been asked to synchronize the password from my CAS server with the gitlab password to avoid this extra step for the user, I am updating the user password each time the user uses the CAS authentication, i am doing this using a rest client on the CAS server consuming Gitlab Rest Api, the problem is each time i change the password it asks the user to setup a new password, Is there any way i can disable this feature in the configuration?
Thank you in advance!
I solved it removing this line from users.rb v4 API
user_params[:password_expires_at] = Time.now if user_params[:password].present?
I have created a Facebook application and have an application ID and application secret. Now I want to provide the user with a simple UI in which he/she will fill in the Facebook user name and password. On the proceed button click, how do get his/her authentication token?
So in future I will use the saved token to get particular user information.
Take this Open ID
Check the Answer here this will help you.
The procedure for token set you need to store it via local cookie over client's browser.
That's the step-by-step simple stuff to create this kind of application
Hope this will help you