Reset password using @okta/okta-auth-js


I want to implement forgot password + reset password flow in my UI app using @okta/okta-auth-js@2.0.1. I was facing issues, so I looked through the code and discovered that transaction.resetPassword function is actually not implemented there. But it is in the docs/readme. Is there a reason for that?

I tried sending the reset password request to the API manually, but couldn’t get it to work. My flow is basically this:

One additional thing is when the transaction.status === 'SUCCESS', I’m sending the /api/v1/authn/credentials/reset_password request with the stateToken (taken from the cookie) and newPassword coming from a form. But I’m getting 403 response:

{"errorCode":"E0000006","errorSummary":"You do not have permission to perform the requested action","errorLink":"E0000006","errorId":"oaec66KAL8tQFS1xx5EiidG-A","errorCauses":[]}

What am I missing? How can I set a new password for a user through OKTA API?

I’m running on MSWin 7, Node.JS 8.9.4, NPM 6.4.1.

Being in a similar situation just wondering if the latest SDK now supports the resetPassword?