Headless Identity Implementation Guide

Clouds with binary code floating aboveCloud with binary code floating above

No Results

Search Tips:

  • Please consider misspellings
  • Try different search keywords
What Is Headless Identity?
Complete Prerequisites for Headless Identity
Set Up an Authentication Provider for Single Sign-On
Set Up an Experience Cloud Site for Headless Identity
Set Up a Connected App for Headless Identity
Use Postman to Work with Headless Identity APIs
Set Up Your Postman Workspace
Headless Registration Flow: Send a Registration Request
Headless Registration Flow: Send an Authorization Request
Headless Registration Flow: Send a Token Request
Headless Login: Send an Authorization Request
Headless Login: Send a Token Request
Headless Registration and Headless Login Flows: Get User Info
Headless Forgot Password Flow: Send a Password Reset Request
Headless Forgot Password Flow: Change the User’s Password
Headlessly Revoke an Access Token
JavaScript Examples for Headless Identity APIs
PDF

Headless Forgot Password Flow: Send a Password Reset Request

To initialize the Headless Forgot Password Flow, send a password reset request. This example walks you through sending a request with Postman.
Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
Available in: Enterprise, Unlimited, and Developer Editions

  1. From the Headless Identity API Demo folder in Postman, select Forgot Password - Initialize.
    Note the location of the POST request. It’s the /services/auth/headless/forgot_password endpoint on your Experience Cloud site.
  2. To see the request body, click Body. The password reset request includes these parameters.
    • username—The user’s registered username
    • recaptcha—A reCAPTCHA token. Because you configured your flow to require reCAPTCHA , you must include this parameter.
  3. Replace the body parameter values with your own information.
    1. For username, enter the username that you registered and logged in with.
    2. For recaptcha, enter a valid reCAPTCHA token from Google. You get this token when you implement reCAPTCHA on your app.
  4. To send the request to Headless Forgot Password API, click Send.
    If the request is successful, Salesforce sends a one-time password (OTP) to your email address. Here’s an example response in Postman. To avoid leaking user information, Salesforce always returns this response if reCAPTCHA validation succeeds, even if the user doesn’t exist.
    {
    "status_code": "otp_sent"
}
  5. Check your email to confirm that you received the OTP.

Next, use the OTP to finish changing your password.