AuthReset to Auto-confirm User Registration for Password set by Admin

My client’s use case requires my client to add user records within FileMaker.

The script I wrote adds a user record in the business database. Then the script calls the CRUD script to add a User record to the FMBF Helper file. After the user records are created, it sends an email with a link for the user to click to confirm the registration.

My idea was to use the authReset in the onFormRequest hook of the Reset PW page to set the official hashed password in the BF Helper File.

How is the reset token set in the User table in the Helper File?

I have read that authForgot might be involved to set the reset token. Should I call authForgot before calling authReset to perform an auto-confirm type function?

Thanks for your help.

So for security purposes, BF framework hashes and creates a time bombed reset token.

Your approach is correct but see this link as there are some hoops to jump through:

Basically, you need to call an authForgot. Then, intercept the email and token in the onAuthNotifier hook, then pass that back at the time the user sets the final PW.

That thread will cover a fair bit of this workflow.

Got things working to generate the email via authForgot. The email has a link for the recipient to click to “Complete” their registration. After authForgot and before sending the email, the app generates a user token that is put into the link. Also, the reset token is captured and stored in the user’s record for later retrieval. When the recipient clicks the link, it goes to the Reset PW form in a browser. The idea is for the Reset PW form to capture the user token, use that to get the reset token and automatically run authReset to reset the password to a given password. Note that the user does not select a password in this flow. They are assigned a password. (This user base is not one for setting up their own passwords.)

Any suggestions on how and where to have the Reset PW form run the reset automatically on its own?

Thanks for your help.

Since everything is BF action based, if you want to run the workflow when a user arrives at a page, you would need to kick it off in the onformLoad actions.

If you want to provision the whole account (email and assigned password) before the user is there, you would need to have those actions run in a web viewer since they need BF to run.

A few extra notes:

The reset pw token is time bombed, so you will need to generate it at the time you plan on using it.

If you want to have an action trigger the reset password workflow, you will have to intercept the authNotifier script to capture the token, then have the token saved so that the user can consume it (put it in model.token) as noted in the above whimsical link.
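
The link flow discussed in this thread (an opaque user token in the emailed link, the captured reset token held server-side until the Reset PW form loads), as an added example that is not part of the thread and not BF code. The names `issueLink`, `redeemLink` and `RESET_TTL_MS`, the in-memory store, and the 15-minute lifetime are all assumptions for illustration.

```javascript
// Added illustration: hypothetical helpers, not BF framework APIs.
const nodeCrypto = require('node:crypto');

// Assumed lifetime; the page only says the reset token is "time bombed".
const RESET_TTL_MS = 15 * 60 * 1000;

// Stand-in for the user record fields: sha256(userToken) -> pending reset.
const pending = new Map();

const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');

// Run right after the forgot-password step, once the notifier hook has
// captured resetToken. Returns the opaque token that goes in the email link.
function issueLink(userId, resetToken, now = Date.now()) {
  const userToken = nodeCrypto.randomBytes(32).toString('base64url');
  // Store only a hash of the link token, so a leaked record cannot be
  // replayed as a link. The reset token itself never appears in the email.
  pending.set(sha256(userToken), {
    userId,
    resetToken,
    expiresAt: now + RESET_TTL_MS,
  });
  return userToken;
}

// Run when the reset form loads with the token taken from the link.
// Returns { userId, resetToken } or null if unknown, reused or expired.
function redeemLink(userToken, now = Date.now()) {
  if (typeof userToken !== 'string' || userToken.length === 0) return null;
  const key = sha256(userToken);
  const entry = pending.get(key);
  if (!entry) return null;
  pending.delete(key); // single use: a second click gets nothing
  if (now > entry.expiresAt) return null; // too old, request a fresh link
  return { userId: entry.userId, resetToken: entry.resetToken };
}
```

A `null` result is the point at which the form should request a fresh reset token rather than retry with the stored one.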