Hi, I need your help with password recovery flow u...
# talk-kratosw
wooden-knife-9469
05/23/2023, 6:42 AMHi, I need your help with password recovery flow using self service apis with code method. I am successfully receiving the code and passing it in the updateRecoveryFlow method. What I would like to know is how to proceed after this step to the reset password step. Documentation mentions something about privileged authentication. But could not find detailed explanation on how to implement it to reset password in the recovery flow. Right now after submitting code to the updateRecoveryFlow, I am taking new password from user and calling the updateSettingsFlow method with the new password but getting ‘401 authentication’ error. Could you please help me with this issue. Thanks you!
n
narrow-flower-8731
05/23/2023, 10:46 PMHi @wooden-knife-9469, I believe you get a session cookie returned on successful
updateRecoveryFlowcookieupdateSettingsFloww
wooden-knife-9469
05/24/2023, 8:01 AMThanks for the response @narrow-flower-8731! But I don’t find any session object in the result of updateRecoveryFlow. This is what RecoveryFlow object contains:
{
‘active’?: string;
‘expires_at’: string;
‘id’: string;
‘issued_at’: string;
‘request_url’: string;
‘return_to’?: string;
‘state’: RecoveryFlowState;
‘type’: string;
‘ui’: UiContainer;
}
n
narrow-flower-8731
05/24/2023, 8:05 AM@wooden-knife-9469 are you using the native flow or browser flow?
w
wooden-knife-9469
05/24/2023, 8:06 AMI am using browser flow.
n
narrow-flower-8731
05/24/2023, 8:08 AMyou should have the session cookie received as part of http headers I think
w
wooden-knife-9469
05/24/2023, 8:10 AMThis is what I get in headers:
n
narrow-flower-8731
05/24/2023, 8:10 AMhttps://ory-community.slack.com/archives/C012RJ2MQ1H/p1684421196410829?thread_ts=1684421196.410829&cid=C012RJ2MQ1H
you can check out this thread. The update recovery flow will return a 442 response to redirect the browser to the settings page you configured
w
wooden-knife-9469
05/24/2023, 8:26 AMIn my case I am not getting the cookie in response headers.
n
narrow-flower-8731
05/24/2023, 8:31 AMcan you check the contents of the Cookie in your vary in the headers
w
wooden-knife-9469
05/24/2023, 8:34 AMYou mean this:
wooden-knife-9469
05/24/2023, 8:34 AMvary: “Cookie, Accept-Encoding”
n
narrow-flower-8731
05/24/2023, 8:36 AMyes, I've used the flow directly via REST api in Java instead of the go sdk which I believe you're using so I don't exactly know how the sdk returns the data and how headers are handled in go in general
w
wooden-knife-9469
05/24/2023, 8:43 AMSure, thanks a lot till this point. Really appreciate it!
3 Views