We're experimenting with using the User Provider data integration method to allow support staff to create new Dynamic web users from our CRM system. We already have a working flow like this:
- Record is created in an external database table with all required data for the new user; email address, full name, customer ID and so on
- Data integration tasks is configured to import users from that table, creating new passwords on the fly and saving them encrypted
- Once a record is inserted in the external table, we call the activation URL of the data integration task, so the user is created immediately
- Destination settings on the data integration task trigger an email to the just-created user - with the password in cleartext.
Now, that 4th point is something we really want to avoid - and would preferably just like to trigger a password reset instead.
From the backend, resetting email works fine, and our email template for that uses @DWUsers:User:PasswordRecoveryUrl - but that's [understandably] not available in the new user welcome emails there. For that to work, I guess DW would have to add an option to trigger the password reset, select a destination page, and set the PasswordRecoveryUrl variable accordingly.
Any other suggestion on how to achive this in a secure manner?