Post Change Password Flow
The Post Change Password Flow runs after a user resets or changes their password. You can use this flow to email the user after a password change or to notify another system that the user’s password has changed, so that other sessions not managed by Auth0 can be revoked.
Actions in this flow are non-blocking (asynchronous), which means the Auth0 pipeline will continue to run without waiting for the Action to finish its execution. Thus, the Action's outcome does not affect the Auth0 transaction.
Triggers
Post Change Password
The post-change-password
trigger runs after a database connection user resets or changes their password.
Multiple Actions can be bound to this trigger, and the Actions will run in order. However, these Actions will be run asynchronously and will not block the password reset process.
Reference
Event object: Provides contextual information about the user and the connection on which the password was changed.
Common use cases
Invalidate the user’s session in another system
A post-change-password Action can be used to invalidate the user's session in another system:
const axios = require("axios");
/**
* @param {Event} event - Details about user whose password was changed.
*/
exports.onExecutePostChangePassword = async (event) => {
axios.post("https://my-api.exampleco.com/revoke-session", { params: { email: event.user.email }});
};
Was this helpful?
Send an email after the user changes their password
const axios = require("axios");
exports.onExecutePostChangePassword = async (event) => {
try {
// https://sendgrid.api-docs.io/v3.0/mail-send
axios.post('https://api.sendgrid.com/v3/mail/send',
{
personalizations: [{
to: [{ email: event.user.email }]
}],
from: { email: 'admin@exampleco.com' },
subject: 'Your password was changed',
content: [{
type: 'text/plain',
value: 'The password for your ' + event.connection.name + ' account ' + event.user.email + ' was recently changed.'
}]
},
{
headers: {
'Authorization': 'Bearer ' + event.secrets.SENDGRID_API_KEY
},
}
});
} catch (err) {
console.log(`Error sending email to ${event.user.email}:`, err.message)
}
};
Was this helpful?