password reset URL links initiated through API getting unauthorized 403 error

  • 1
  • Problem
  • Updated 3 days ago
(this isn't about the mandatory password resets)

I am testing initiating a password reset email through the API
Send-SfRequest $sfClient -Method POST -Entity Users -id $user.id -Navigation 'ResetPassword' -BodyText (@{"NewPassword"= $($user.Password)} | ConvertTo-Json) -Parameters @{"notify" = "true"}    
When users get the email the URL link provided results in a HTTP 403 unauthorized error

the password reset URL the users get is 
https://(our subdomain).sf-api.com/sf/?cmd=rp&id=(user ID)

error:
Access to (subdomain).sf-api.com was denied
You don't have authorization to view this page.
HTTP ERROR 403

I've tested this inside and outside our company network
Photo of robertm

robertm

  • 4 Posts
  • 0 Reply Likes
  • confused

Posted 1 week ago

  • 1
Photo of robertm

robertm

  • 4 Posts
  • 0 Reply Likes
this API call does the same thing, but works fine 
Send-SfRequest $sfClient -Method POST -Entity Users -Navigation 'ForgotPassword' -Parameters @{"email" = $($user.email)}