<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
The Forgot Password Email Does Not Contain the One-Time Password (OTP)
May 19, 2025
Okta Identity Engine
Okta Classic Engine
Administration
Overview

When a user attempts the Forgot Password flow in order to reset the password, the email being sent from Okta contains an OTP code to be used instead of the link (in the form of a Reset Password button). When using API, the OTP is not being sent.

Applies To
  • One-Time Password (OTP)
  • Forgot Password flow
Cause

The forgot password email is triggered via API if sendEmail=true.

Solution
  • If an end-user triggers the Forgot Password email using the option on the Sign-in page, the OTP will appear in the email sent by Okta.
  • If the Forgot Password email is triggered via an API call, Okta's email does not contain the OTP and instead presents the Password Reset Link to the user.

 

Related References

Recommended content

Still looking for help?
Loading
The Forgot Password Email Does Not Contain the One-Time Password (OTP)