Simplify secure zone password setup for new users

Peter-Schmidt · October 29, 2019, 12:05pm

I KNEW it
Have to look harder

vlad.z · October 29, 2019, 12:31pm

All sites have system page /request-reset-password

By default it looks like http://prntscr.com/ppmnli

So you definitely can set it in that email campaign and any user can go there, paste their email and request password reset flow.

Alex_B_Centrifuge · October 31, 2019, 6:23pm

That seems like a good workaround for the time being.

It would be nice if we could include a link to the actual password setup page, rather than a page to request a password reset email.

vlad.z · December 9, 2019, 11:57am

The link to the reset password page is /reset-password.
In order for the link to be valid it should include a unique token that will allow to verify each customer and to reset his password. So there could not be a campaign with one same token for all customers in the mailing list.
That’s why there are currently only two ways to reset password:

Send campaign to reset password request page
Go through each customer in the admin and send password recovery email

The only thing I can suggest is to request via public backlog a feature that will be able to take a list of customers provided by the admin and send password recovery email to each customer in that list.

doodlefish · June 30, 2020, 2:21am

I’m setting up secure zones for the first time and am confused on the password setup process. I think what is being said is…

when clicking the “SEND LOGIN DETAILS” button from the CRM record you first have to send the user to’ /request-reset-password ’ where the user enters their email address only.

The user then gets sent another email that contains the ‘token’. They then click the link in that email that takes them to ‘/reset-password’ page where they can add a password.

I did try to bypass the first email but if you go straight to /reset-password you get taken to a 404 page.

Is this right?

doodlefish · June 30, 2020, 2:58am

Looks like the password is being updated but the user is taken to a 404 page. The form code is this:

form class=“system_form” action="/public/api/members/reset-password" method=“POST”

I thought I was getting 404 messages because I didn’t have a secure zone landing page but have now set that up and am still getting 404 page results when the form processes. How can I send the user to a valid page?

doodlefish · June 30, 2020, 4:22am

I found the solution for this. You need to add a hidden input field to the form.

<input type="hidden" name="redirectURL" value="/my-new-confirmation-page">

I’m still not sure why I’m getting 404 message on all the password reset forms though.