I'm facing a weird recovery email problem:
The recovery link insde the mail is only valid one time. While this is reasonable, the problem is that many email clients try to generate a preview of said link. The preview uses up the "one time" the link is valid, and when the user clicks the link he is redirected to recovery ui...
11/11/2021, 2:44 PM
only an issue to replace it with an auth code, but probably allowing retry config could be a good hotfix
11/11/2021, 2:52 PM
Sorry, i did not understand
11/11/2021, 3:38 PM
we currently have an issue open to replace links with an verification code people copy/paste /enter into the UI. this will help with e.g. mobile apps where you don't want to leave the app to add the code, or SMS flows. this is currently on the roadmap and there's an issue open for it. in the meanwhile, allowing the link to be opened twice could be a good workaround
11/12/2021, 6:02 AM
Can I configure this myself on my kratos installation?
11/12/2021, 7:55 AM
no, it would need code changes first
11/12/2021, 12:47 PM
FYI (and in case anyone finds this here)
I made a workaround by altering the recovery mail template with a replacer function (inside the template) and make the Email contain a Link to my website. On this website I render a button and some fancy text like "if you really wanna change the password, click here" and when the user clicks, i simply redirect to the self-service URL