Password Reset

These instructions are for implementing a password reset with Janrain’s Mobile Libraries in a Registration integration.

Prerequisites

Your mobile app must have it’s own client id.

Dashboard Steps

  1. Open the dashboard.janrain.com Dashboard.
  2. Go to your app, then choose Settings in the top navigation bar.
  3. Set a password_recover_url variable under the client settings for your mobile app. The value should be the url to your custom forgot password page that you host. See Figure 1.password_recover_url
  4. When you finish, click Save.

Forgot Password Page Steps

1. To send a reset password request, your app will post to the forgot_password_native endpoint. Like this:

https://your_capture_domain/oauth/forgot_password_native

The user will get a link to a forgot password page that you make and host.

2. The redirect_uri parameter will be overwritten by the password_recover_url that you created in the JavaScript API settings, so it is not important.

About the forgot password page that you create and host:

Your password reset page must render a change password screen screen with dataType changePasswordLink defined in the flow. This screen will have the password reset form.

The page will have the normal block of janrain.settings code, however take note of this important setting:

janrain.settings.capture.screenToRender = 'changePasswordScreen'; //Your change password screen's name.

The page only needs to include the change password screens along with with their Janrain Templating Language (JTL) tags.

3. You will need to use the profile save event to redirect the user back to the app when they are done setting their password. Include this in your janrainCaptureWidgetOnLoad function: as shown here:

janrain.events.onCaptureProfileSaveSuccess.addHandler(function(){
    // The user has changed their password.

    // optionally include some mobile detection code here
    // in case someone uses a non-mobile browser.

    location.href = 'myapp://home'; // your app specific url here.
});

4. Optionally, you can also use the onCaptureForgotPasswordCodeFailed event to account for invalid email codes:

janrain.events.onCaptureForgotPasswordCodeFailed.addHandler(function(){
    // didn't recognize the password reset code.
    // maybe render a different screen here.
});

5. If the user has a valid password reset code and successfully changes their password, they should be redirected to your app.