POST /api/v1/users/{userId}/credentials/forgot_password
Starts the forgot password flow.
Generates a one-time token (OTT) that you can use to reset a User's Password.
The User must validate their security question's answer when visiting the reset link. This operation can only be performed on Users with an ACTIVE status and a valid Recovery Question credential.
Note: If you have migrated to Identity Engine, you can allow Users to recover passwords with any enrolled MFA authenticator. See Self-service account recovery.
If an email address is associated with multiple Users, keep in mind the following to ensure a successful password recovery lookup:
- Okta no longer includes deactivated Users in the lookup.
- The lookup searches sign-in IDs first, then primary email addresses, and then secondary email addresses.
If sendEmail is false, returns a link for the User to reset their Password. This operation doesn't affect the status of the User.
Servers
- https://{yourOktaDomain}
Path parameters
Name | Type | Required | Description |
---|---|---|---|
userId | String | Yes | ID of an existing Okta user |
Query parameters
Name | Type | Required | Description |
---|---|---|---|
sendEmail | Boolean | No | Sends a forgot password email to the User if true. Default value: true |
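The following added example (not part of the original reference) builds this request with the userId percent-encoded into the path, and handles the sendEmail=false response so that the one-time link is checked for origin and never logged in full. The `Authorization: SSWS` header and the `resetPasswordUrl` response field do not appear on this page and are assumptions about the API; the domain, user ID and link values are constructed.

```python
import json
import urllib.request
from urllib.parse import quote, urlencode, urlsplit

def build_forgot_password_request(okta_domain, user_id, api_token, send_email=True):
    """Build (but do not send) the POST request that starts the flow."""
    if not user_id or not isinstance(send_email, bool):
        raise ValueError("user_id must be non-empty and send_email a bool")
    # Percent-encode the ID so a crafted value cannot alter the request path.
    path = f"/api/v1/users/{quote(user_id, safe='')}/credentials/forgot_password"
    query = urlencode({"sendEmail": "true" if send_email else "false"})
    return urllib.request.Request(
        f"https://{okta_domain}{path}?{query}",
        method="POST",
        headers={
            "Accept": "application/json",
            "Authorization": f"SSWS {api_token}",  # assumption: API token auth
        },
    )

def extract_reset_link(body, okta_domain):
    """Return the reset link from a sendEmail=false response, or raise."""
    url = json.loads(body).get("resetPasswordUrl")  # assumption: field name
    parts = urlsplit(url or "")
    # Refuse to hand on a link that is not HTTPS on the expected Okta domain.
    if parts.scheme != "https" or parts.hostname != okta_domain.lower():
        raise ValueError("unexpected reset link origin")
    return url

def redact_for_log(url):
    """Keep only the origin; the rest of the link carries the one-time token."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}/<redacted>"

if __name__ == "__main__":
    # Constructed sample values; no network call is made.
    req = build_forgot_password_request(
        "example.okta.com", "00u1constructed", "TOKEN", send_email=False)
    print(req.get_method(), req.full_url)
    sample = ('{"resetPasswordUrl": '
              '"https://example.okta.com/signin/reset-password/CONSTRUCTED"}')
    print(redact_for_log(extract_reset_link(sample, "example.okta.com")))
```

With sendEmail=false the caller, not Okta, delivers the link, so the returned value should be treated like a credential in transit and at rest.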
How to start integrating
- Add HTTP Task to your workflow definition.
- Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the HTTP request settings.
- Click Test request to test run your request to the API and see the API's response.