Hello,
I have been running into a problem while trying to use the POST /api/v1/authn/recovery/password
Okta API endpoint detailed on this documentation page:
https://developer.okta.com/docs/reference/api/authn/#recovery-operations
This endpoint is used to trigger an e-mail for performing a password reset flow.
The way I currently have it implemented:
- The user submits a password reset request through my application.
- My application hits the password recovery Okta API endpoint above using a body object that looks like this:
  { factorType: 'EMAIL', username: 'some.user@some.domain.com', relayState: 'http://localhost:4700' }
- When I test the endpoint with this object using a debugging tool such as Postman, I can see the Okta API's response object confirms the relayState with a response that looks like this:
  { status: 'RECOVERY_CHALLENGE', factorResult: 'WAITING', relayState: 'http://localhost:4700', factorType: 'EMAIL', recoveryType: 'PASSWORD' }
- I have previously checked the Okta admin portal, under Security > API > Trusted Origins, to ensure that the http://localhost:4700 origin being used for the relayState parameter is marked for both Redirect and CORS.
- The user receives the forgot password reset e-mail in their inbox.
- The user clicks the link in the e-mail, bringing them to Okta. They fill out a security question and their new password in Okta.
- Once the new password is correctly set, instead of Okta redirecting the user to the desired URL specified by the relayState parameter, the user is instead redirected to <Okta server URL goes here>/user/notifications.
My question is: How can I make the relayState parameter work so that the user is directed to the relayState URL, instead of the /user/notifications URL? Has anyone had any success in using the relayState parameter?
Thank you!
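As an added example (not code from the post or from Okta), the call described above wrapped so that relayState is only ever taken from a server-side allowlist mirroring the Trusted Origins list, and the returned transaction object is checked for the expected RECOVERY_CHALLENGE shape. The org URL, the allowlist and the fake_post transport are constructed placeholders; a real transport would be something like requests.post(url, json=body).text.

```python
import json
from urllib.parse import urlsplit

# Constructed placeholders: replace with your own Okta org URL and app origins.
OKTA_ORG_URL = "https://example.okta.com"
RECOVERY_PATH = "/api/v1/authn/recovery/password"
# Server-side copy of Security > API > Trusted Origins; relayState must never
# come straight from user input, since it is a redirect target after the reset.
TRUSTED_ORIGINS = {"http://localhost:4700"}


def build_recovery_request(username, relay_state):
    """Return (url, body) for the recovery call, refusing any relayState whose
    scheme://host[:port] origin is not on the allowlist."""
    parts = urlsplit(relay_state)
    origin = f"{parts.scheme}://{parts.netloc}"
    if origin not in TRUSTED_ORIGINS:
        raise ValueError(f"relayState origin not trusted: {origin!r}")
    body = {"factorType": "EMAIL", "username": username, "relayState": relay_state}
    return OKTA_ORG_URL + RECOVERY_PATH, body


def parse_recovery_response(raw_json, expected_relay_state):
    """True only if Okta reports a pending e-mail challenge for a password
    recovery and echoes back exactly the relayState we sent."""
    resp = json.loads(raw_json)
    return (resp.get("status") == "RECOVERY_CHALLENGE"
            and resp.get("factorResult") == "WAITING"
            and resp.get("factorType") == "EMAIL"
            and resp.get("recoveryType") == "PASSWORD"
            and resp.get("relayState") == expected_relay_state)


def start_password_recovery(username, relay_state, post):
    """post(url, body) -> raw JSON text; injected so the flow runs offline."""
    url, body = build_recovery_request(username, relay_state)
    return parse_recovery_response(post(url, body), relay_state)


def fake_post(url, body):
    """Constructed stand-in echoing the response shape quoted in the post."""
    return json.dumps({"status": "RECOVERY_CHALLENGE", "factorResult": "WAITING",
                       "relayState": body["relayState"], "factorType": "EMAIL",
                       "recoveryType": "PASSWORD"})


if __name__ == "__main__":
    print(start_password_recovery("some.user@some.domain.com",
                                  "http://localhost:4700", fake_post))
```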