I have 3 different applications that are under the Single-Sign-On (SSO) umbrella. So if a user log into one of them, then navigate to another it takes them to the home page without logging in (if that user is authorize to that application). All 3 different applications could call the Forgot Password (Recovery API endpoint) which is linked to a single email template.
My question, how could I change the recovery link in the email template to match whichever application called the Forgot Password API dynamically? Currently the recovery link is static with the recoveryToken appended to it and that will not work for my situation unless there is a 4th application that handles ALL Okta user management but then the user experience is confusioning because a user will expect to interact with a application A but when I redirect them to application D to go through the recover password flow they might seem hestiate.
Any thoughts or direction would be greatly appreciated!
Unfortunately, you cannot change the Forgot Password template to match the application from which the API is called, as there is only one Forgot Password Template (one/tenant). However, what you can do would be to modify the Forgot Password Template as to show the users a general message, which would not apply to any application, but to all of them.
Also, you can submit a Feature Request, by going to "Feedback", located at the buttom of the Okta Admin Console.