Developer forum

Forum » Integration » Creating users and sending them activation/password reset link

Creating users and sending them activation/password reset link

E-mail notifications
Þórhallur Hálfdánarson
Þórhallur Hálfdánarson
Reply
Posted on 08/05/2018 17:03:27

Hi,

We're experimenting with using the User Provider data integration method to allow support staff to create new Dynamic web users from our CRM system.  We already have a working flow like this:

  1. Record is created in an external database table with all required data for the new user; email address, full name, customer ID and so on
  2. Data integration tasks is configured to import users from that table, creating new passwords on the fly and saving them encrypted
  3. Once a record is inserted in the external table, we call the activation URL of the data integration task, so the user is created immediately
  4. Destination settings on the data integration task trigger an email to the just-created user - with the password in cleartext.

Now, that 4th point is something we really want to avoid - and would preferably just like to trigger a password reset instead.

From the backend, resetting email works fine, and our email template for that uses @DWUsers:User:PasswordRecoveryUrl - but that's [understandably] not available in the new user welcome emails there.  For that to work, I guess DW would have to add an option to trigger the password reset, select a destination page, and set the PasswordRecoveryUrl variable accordingly.

Any other suggestion on how to achive this in a secure manner?

-Tolli


Replies

 
Dmitriy Benyuk Dynamicweb Employee
Dmitriy Benyuk
Posted on 08/05/2018 17:19:46
Reply

HI Þórhallur,
you can use the tag in the email template: "DWUsers:User:LoginToken" which has the value of the user login token and described here.
Using this you can create a link that signs the user in on any page (could be a create new password page).
Regards, Dmitrij

 
Þórhallur Hálfdánarson
Þórhallur Hálfdánarson
Posted on 09/05/2018 10:26:23
Reply

Ohh, thanks, will take a look at this!

-Tolli

 
Johan Ulff
Posted on 02/06/2021 10:13:12
Reply

Hi Dmitriy, can I use this when importing users via the Integration framework batch and send a mail with a URL to change the password? I tried

<a href="https://www.xxyy.se/sv-se/sign-in?Username=<!--@DWUsers:User:Username-->&PwToken=<!--@DWUsers:User:LoginToken-->">Change password</a>

 

but this does not seem to work. Your link above does not redirect to another page.

 

Regards Johan

 
Dmitriy Benyuk Dynamicweb Employee
Dmitriy Benyuk
Posted on 02/06/2021 21:37:55
Reply

Hi Johan,
yes, you can use those tags and create a link in the email template used in the User provider. Maybe you can check by entering the url directly in the browser
or also check the rendered link address? It could be some html symbol problem like "&amp;" instead of &.
BR, Dmitrij

 
Nicolai Pedersen
Posted on 03/06/2021 08:18:04
Reply

The link is a signin link using the pwtoken.

What you need is a reset link instead.

You need to link to a page with Extranet login on it. On that page setup password recovery feature as per the docs: https://doc.dynamicweb.com/documentation-9/users/user-management/extranet/login-mode

Then when linking to the login page, add this parameter: /login?LoginAction=Recovery

That will give you the password reset mechanism.

BR Nicolai 

 

You must be logged in to post in the forum