[aerogear-dev] Password reset

Bruno Oliveira bruno at abstractj.org
Thu Dec 5 07:55:02 EST 2013


I think we can validate the whole example and check what’s missing and add PicketLink later. Do you think is a great idea to be “storage” agnostic?

On December 5, 2013 at 10:48:15 AM, Sebastien Blanc (scm.blanc at gmail.com) wrote:
> For first registrations, I presume it uses the same endpoint ? I'm thinking of this scenario : 

The same endpoint? Not following you on it.

> - An admin creates a new users just by providing a loginName.
> - The backend creates the user and returns the url as explained above.
> - Admin sends the link to the user.

Here is the workflow which I really would like to change. When and admin sends the url to the user, we have some cons:

- We have no control over it, if the admin is just sending it without SSL or not. 
- An admin can generate thousands of urls
- The process is completely manual

My suggestion is to implement something with <put your hipster framework to send e-mails here>. Make sense? I’m not saying this is a top huge priority, but necessary.

> - User click the link and set his password.  
-- 
abstractj



More information about the aerogear-dev mailing list