OAuth 2.0, WordPress and API Password Reset

Home Forums General Issues OAuth 2.0, WordPress and API Password Reset

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #925

    Due to how our database/records are setup we use custom login code to authenticate against NeonCRM.

    This part works fine.

    But users are not able to do a forgot password or reset their password. How can a password reset be implemented using the API ? mainly so that users are not redirected to the NeonCRM website.

    What are the possible options here ?

    Colin Pizarek

    Obviously, I’m going to say that using the Neon password reset is going to be the most reliable and secure way to handle it. The password reset mechanism used by NeonCRM is not exposed through the API; you cannot trigger those emails without using the Neon password reset forms.

    If you’re interested in rolling your own password reset system, it’s theoretically possible to do so using the existing API methods. The Update Individual Account or Update Organization Account methods do allow you to overwrite a user’s password using the login.password parameter. If you go this route, be sure to heed the warnings associated with using those API methods.

    I’m hesitant to recommend this approach, though, because you’re going to need to create your own emails and figure out how to set up single-use tokens to make the whole thing secure.



    Thanks for the quick reply. I was testing what you were saying and it was going good with WP generating the token process for the reset and hooking into the reset success to update on the Neon side.

    But this was only working for those accounts already having a user in WordPress.

    So we will use your system by redirecting to the Neon reset page.


Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.