Jump to content

Password Reset VIA API

wellconnit

By wellconnit
in Developer Corner

 Share

Recommended Posts

wellconnit Member

wellconnit

Posted
Posted

Hi All,

Has anyone successfully worked out a way to generate a forgotten password email from the WHMCS API?

 

It's all good to be able to login to the system but if the user has forgotten their password it's pointless getting them to sign into the WHMCS version of the site when you're using the API to make sure they don't hit that site in the first place?

It seems strange that this isn't native to WHMCS already as it aligns with the login process of the normal page?

Any help with this is greatly appreciated..

 

Thanks!

0
Link to comment
Share on other sites
wellconnit Member

wellconnit

Posted
  • Author
Posted
1 hour ago, inteldigital said:

Hi @wellconnit,

Maybe this thread will be of interest to you:

Change client's password using API

You should also take a further look at the API documentation:

API - WHMCS Developer Documentation

Hi Intel,

 

That's of no help whatsoever?.

 

What part out of the two posts are going to assist with making a Forgot Password method?

0
Link to comment
Share on other sites
wellconnit Member

wellconnit

Posted
  • Author
Posted
10 hours ago, inteldigital said:

Well, I'm assuming:

UpdateClient

You would have to ask someone more knowledgable than I, but I'm assuming you could then send an email to the client email on file with:

SendEmail

Just my two cents.

Yeah you could, however if someone was to type in an email address of someone that had an account it would reset their password without them actually requesting it,

 

The UpdateClient API method will allow you to update a password, but won't let you send a verification email to check that it's actually the owner of the email address that has requested the password reset in the first place, which rules that process out.

 

Unfortunately not a viable solution.

0
Link to comment
Share on other sites
brian! Senior Member

brian!

Posted
Posted
7 hours ago, inteldigital said:

Interesting. Maybe @brian! has some answers?

@inteldigital - SendEmail would be the obvious way, but it's coded to prevent sending the password templates - I assume for security reasons...

Quote

The following email templates cannot be sent in this way:

  • Automated Password Reset
  • Password Reset Confirmation
  • Password Reset Validation

to be honest, I don't know the answer to the question.

0
Link to comment
Share on other sites
inteldigital Member

inteldigital

Posted
Posted
4 minutes ago, brian! said:

@inteldigital - SendEmail would be the obvious way, but it's coded to prevent sending the password templates - I assume for security reasons...

to be honest, I don't know the answer to the question.

I did notice that in the documentation, but I figured they may have been some secret to getting it done. Surely the API is secure enough to send those kinds of emails? I mean, if anything, doing things through the API should be more secure than an physical user logging in and doing it, no?

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept