Password Reset: Verification Code Format + Code Verification Endpoint
Hi team,
I have a couple questions regarding the password reset workflow using the API. I got it working end-to-end, but we are unable to match our requirements with the system as it behaves out-of-the-box:
- We would expect a numerical verification code but instead, Zitadel uses an alphanumerical format. While not the end of the world, it would be good to be able to align ourselves with what is typically industry standard (and much easier to input on mobile devices). Is there a way to stipulate the verification code format?
- We couldn't find a way to verify the OTP before sending the password reset request with the new password. This means that we can't implement the expected flow of checking the OTP before asking the user to input their desired new password. This results in slightly awkward UX.
Any help would be much appreciated! Thanks!
Nicolas
I have a couple questions regarding the password reset workflow using the API. I got it working end-to-end, but we are unable to match our requirements with the system as it behaves out-of-the-box:
- We would expect a numerical verification code but instead, Zitadel uses an alphanumerical format. While not the end of the world, it would be good to be able to align ourselves with what is typically industry standard (and much easier to input on mobile devices). Is there a way to stipulate the verification code format?
- We couldn't find a way to verify the OTP before sending the password reset request with the new password. This means that we can't implement the expected flow of checking the OTP before asking the user to input their desired new password. This results in slightly awkward UX.
Any help would be much appreciated! Thanks!
Nicolas
