Password Reset Link Format Changed - Breaking customerResetByUrl Storefront API

fuzzy
Shopify Partner
8 0 8

Has something changed recently with the customer password reset link send in the password reset flow? The structure of the URL in the email used to be:

 

https://my-brand.myshopify.com/account/reset/abc/xyz

 

but now is

 

https://my-brand.myshopify.com/_t/c/xyz?l=abc&c=def

 

This is causing the Storefront API mutation customerResetByUrl to no longer work as it does not accept this new link format as the `resetUrl` parameter of the mutation. When using that URL, the mutation returns "Unidentified Customer".

 

Replies 3 (3)

Reliked
Tourist
8 0 4

I am having this exact same issue, did you find a solution?

 

I can access the customer ID from the password reset email, but not the token, and the format in the original URL is encoded in some way.

wecre8websites
Shopify Expert
4 0 7

Hi Reliked,

 

Yeah, in the end it was resolved by our Plus Launch Engineer through support. There's apparently a setting on the Shopify side of things that can be enabled which determines the URL format that is use for the password reset and gql mutation. Reach out to support for this one.

Reliked
Tourist
8 0 4

Ah thank you. I realised the URL was showing differently when you inspect the button in the email, but when you actually send the url to your headless site, it formats the url correctly and I can use it for the api query!