-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathdocs_sdk_forgot-password.html
57 lines (47 loc) · 3.61 KB
/
docs_sdk_forgot-password.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<!-- Docs - SDK - forgotPassword -->
<div class="section">
<h2><a href="/docs/">Docs</a> : <a href="/docs/sdk/">SDK</a> : forgotPassword</h2>
<p><span class="font-semibold">forgotPassword</span> lets you send a temporary password to the user's email address. This API will return a promise that gets resolved once the email with the temporary password has been sent. The user can then provide the temporary password to <a href="/docs/sdk/sign-in/">signIn</a> and <a href="/docs/sdk/update-user/">updateUser</a> to change their password.</p>
<pre>
<code class="language-javascript">
userbase.forgotPassword({
username: 'example-username'
}).then(() => {
// email with temporary password sent
}).catch((e) => console.error(e))
</code>
</pre>
<h3 id="params">Parameters</h3>
<ul>
<li>
<span class="field">username</span> [string | Len: 1-100] - The username for the account to send a temporary password to.
</li>
<li>
<span class="field">deleteEndToEndEncryptedData</span> [boolean | optional] - When the user changes their password using the temporary password, this indicates whether or not the server should delete the user's end-to-end encrypted data. Defaults to false. Note that this parameter can be ignored when your application is set to the <span class="field">server-side</span> encryption mode.
</li>
</ul>
<h3 id="notes">Notes</h3>
<ul>
<li>
When your app is set to the <span class="field">end-to-end</span> encryption mode and a user forgets their password, regaining access to their end-to-end encrypted data is possible, but only when the user has provided an email address during <a href="/docs/sdk/sign-up/">signUp</a> or <a href="/docs/sdk/update-user/">updateUser</a>, and when the user has previously signed in with the <span class="field">rememberMe</span> option set to 'local'. In this case, the user will have the encryption key saved in the browser's local storage, and the user will be able to regain full access to their data by getting a temporary password via email. The user must still have access to a previously used device in order to be able to reset the password in this way. Therefore, if you want to allow your users to reset their password, make sure to set <span class="field">rememberMe</span> to 'local' during <a href="/docs/sdk/sign-up/">signUp</a> and <a href="/docs/sdk/sign-in/">signIn</a>, and make sure you require an email address during <a href="/docs/sdk/sign-up/">signUp</a> and <a href="/docs/sdk/update-user/">updateUser</a>. We still recommend that when you use the 'end-to-end' encryption mode, you inform your users that since their data is end-to-end encrypted, they should take care to store their password in a safe place, such as a password manager. Recovery will not be possible if the user loses access to all previously used devices.
</li>
<li>
When your app is set to the <span class="field">end-to-end</span> encryption mode and a user forgets their password and loses access to all previously used devices, the user can still regain access to their account and delete all inaccessible end-to-end encrypted data by setting <span class="field">deleteEndToEndEncryptedData</span> to true.
</li>
</ul>
<h3 id="errors">Errors</h3>
<ul>
<li>ParamsMustBeObject</li>
<li>ParamsMissing</li>
<li>UsernameCannotBeBlank</li>
<li>UsernameMustBeString</li>
<li>DeleteEndToEndEncryptedDataMustBeBoolean</li>
<li>AppIdNotSet</li>
<li>AppIdNotValid</li>
<li>UserNotFound</li>
<li>UserEmailNotFound</li>
<li>KeyNotFound</li>
<li>ServiceUnavailable</li>
</ul>
</div>
<hr>