Unable to validate recovery token

Hi All,

I’m trying to validate a recovery token through /api/v1/authn/recovery/token. However, the request keeps getting rejected and returns this response:

{
    "errorCode": "E0000079",
    "errorSummary": "This operation is not allowed in the current authentication state.",
    "errorLink": "E0000079",
    "errorId": "oaefY5RhfksfaO81wUS43A",
    "errorCauses": [
        {
            "errorSummary": "This operation is not allowed in the current authentication state."
        }
    ]
}

Note that I provide a valid recovery token that’s retrieved from the forgot_password response: /api/v1/users/0xxxxxxxxxxxx7/credentials/forgot_password?sendEmail=false

Any thoughts on what’s causing recovery/token to fail?

Hello,

Can you provide the Okta request ID for one of these failed attempts? It would be returned in the HTTP header x-okta-request-id.

If not, are you able to provide the Okta Org you are testing in?

Thank You,

I just figured out that the /api/v1/authn/recovery/token API works in conjunction with the /api/v1/authn/recovery/password API. So, the token will not be validated if it’s retrieved from the forgot_password URL.

Outstanding,
using

/api/v1/users/<id>/credentials/forgot_password?sendEmail=false

with

/api/v1/authn/recovery/token

does work in my Org, but if you have a working solution, that is great.
