Hello @proud-plumber-24205, I am having a strange issue: after i get the link with the flow and token, if I call whoami setting the ory_session_token as a cookie, it works and return 200 OK with: { "id": "6624b6e6-21a1-484d-ac3b-a89bbf8ac6c6", "active": true, "expires_at": "2021-11-27T194451.869423Z", "authenticated_at": "2021-11-26T194451.869423Z", "issued_at": "2021-11-26T194451.869458Z", "identity": { "id": "e5da3f0f-d2f0-42b8-918b-c0c197d9abd3", "schema_id": "default", "schema_url": "http://local.angeplus.com.br/iam-svc/public/schemas/default", "state": "active", "state_changed_at": "2021-11-24T230953.205151Z", "traits": { "email": "angeplus.devs@ferreri.co" }, "verifiable_addresses": [ { "id": "65d90ded-0f71-4dea-b5de-29a1ddc22a8d", "value": "angeplus.devs@ferreri.co", "verified": false, "via": "email", "status": "pending", "verified_at": null, "created_at": "2021-11-24T230953.207734Z", "updated_at": "2021-11-24T230953.207734Z" } ], "recovery_addresses": [ { "id": "c8fca43a-865e-4442-9ac2-b74e2ee8ba16", "value": "angeplus.devs@ferreri.co", "via": "email", "created_at": "2021-11-24T230953.208445Z", "updated_at": "2021-11-24T230953.208445Z" } ], "created_at": "2021-11-24T230953.205644Z", "updated_at": "2021-11-24T230953.205644Z" } }

but when i try to start a Settings flow using /self-service/settings/api it says: "This endpoint can only be accessed with a valid session. Please log in and try again" and I cant continue the recovery setting the new password user sent me... can you help please?

Just made a test using the browser flow and seems it works