AdhithyaR.30076 (Customer) asked a question.
We’re encountering an issue where users receive a “Your reset password token is no longer valid” error when clicking a password reset link sent via Okta Workflows. Accounts are provisioned from HR system, activated ahead of time, and the workflow triggers a password reset and sends the email two days before the user’s start date.
Execution logs show the token is freshly generated and matches the emailed link exactly. Despite this, users-both new and returning see an immediate token invalidation. We’ve verified there are no obvious mapping issues or workflow failures. Is there possibility that reset password API may have been executed twice, causing the first token to be invalidated. Don't see anything in the logs. Any guidance from the community would be greatly appreciated.
Hello @AdhithyaR.30076 (Customer) Thank you for posting on our Community page!
It seems there were other cases like this, but not using Workflows. I would recommend further investigating this with Support as they will be able to further review back-end logs which from the Community side we do not have that type of access.
Please also see, maybe it can provide some assistance.
https://devforum.okta.com/t/activation-token-expires-immediately/14940
Thank you for reaching out to our Community and have a great day!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.
Will do! Thanks Paul