Open mdeggies opened 7 years ago
"Our application creates users programmatically and I was creating users like so:
const spApplication = req.app.get('stormpathApplication'); spApplication.createAccount(acct);
With some debugging, that method doesn’t correctly create a user fully. It was missing some fields like the “recovery_question” and answer. I did some digging around in the source code of express-stormpath and found this: https://github.com/stormpath/express-stormpath/blob/aed8d26ba51272755ea4eab706b4417e4bbeed99/lib/controllers/register.js#L175
express-stormpath
oktaUser.profile.emailVerificationStatus = 'UNVERIFIED'; oktaUser.profile.emailVerificationToken = uuid.v4(); oktaUser.profile.stormpathMigrationRecoveryAnswer = uuid.v4(); oktaUser.credentials.recovery_question = { question: 'stormpathMigrationRecoveryAnswer', answer: oktaUser.profile.stormpathMigrationRecoveryAnswer };
So I finally had to create a user manually using the okta node sdk.
Without these fields, the reset password would fail silently."
"Our application creates users programmatically and I was creating users like so:
const spApplication = req.app.get('stormpathApplication'); spApplication.createAccount(acct);
With some debugging, that method doesn’t correctly create a user fully. It was missing some fields like the “recovery_question” and answer. I did some digging around in the source code of
express-stormpath
and found this: https://github.com/stormpath/express-stormpath/blob/aed8d26ba51272755ea4eab706b4417e4bbeed99/lib/controllers/register.js#L175oktaUser.profile.emailVerificationStatus = 'UNVERIFIED'; oktaUser.profile.emailVerificationToken = uuid.v4(); oktaUser.profile.stormpathMigrationRecoveryAnswer = uuid.v4(); oktaUser.credentials.recovery_question = { question: 'stormpathMigrationRecoveryAnswer', answer: oktaUser.profile.stormpathMigrationRecoveryAnswer };
So I finally had to create a user manually using the okta node sdk.
Without these fields, the reset password would fail silently."