Actions Triggers: post-change-password

Actions Triggers: post-change-password

The post-change-password triggers runs after a Database connection user resets or changes their password. This trigger can be used to notify another system that the user’s password has changed so that other sessions not managed by Auth0 can be revoked.

Multiple Actions can be bound to this trigger, and the Actions will run in order. However, these Actions will be run asynchronously and will not block the password reset process.

Reference

Event object: Provides contextual information about the newly created user.

Common use cases

Invalidate the user’s session in another system

A post-change-password Action can be used to invalidate the user's session in another system:

const axios = require("axios");

/**
 * @param {Event} event - Details about user whose password was changed.
 */
exports.onExecutePostChangePassword = async (event) => {
  axios.post("https://my-api.exampleco.com/revoke-session", { params: { email: event.user.email }});
};

Was this helpful?

/

Send an email after the user changes their password

const axios = require("axios");

exports.onExecutePostChangePassword = async (event) => {
  try {
    // https://sendgrid.api-docs.io/v3.0/mail-send
    axios.post('https://api.sendgrid.com/v3/mail/send',
      {
        personalizations: [{
          to: [{ email: event.user.email }]
        }],
        from: { email: 'admin@exampleco.com' },
        subject: 'Your password was changed',
        content: [{
          type: 'text/plain',
          value: 'The password for your ' + event.connection.name + ' account ' + event.user.email + ' was recently changed.'
        }]
      },
      {
        headers: {
          'Authorization': 'Bearer ' + event.secrets.SENDGRID_API_KEY
        },
      }
    });
  } catch (err) {
    console.log(`Error sending email to ${event.user.email}:`, err.message)
  }
};

Was this helpful?

/