[Salesforce] Custom Domain on Change Password screen

I have a Salesforce community with a custom domain (mysite.com).

When a user uses the reset password functionality, they get an email which includes a reset password link pointed to the force.com domain e.g. force.com/login?c=<big token>.

Clicking that link redirects a user to the change password screen, also on the force.com domain: force.com/_ui/system/security/ChangePassword.

I was hoping I could just change the forgot password email template so the link points to my domain instead: mysite.com/login?c=<big token>… but it seems this does not work.

I'm not sure on the best way to proceed here. Is this maybe a job for a URL rewriter? Do I build a custom change password page and send the users there instead? Am I not configuring my community correctly?

Edits: Trying to go down the path of building out a Visualforce page which handles the password change.

I am confused how it is possible to use Site.forgotPassword() in conjunction with Site.changePassword(). When you call forgotPassword, in the context of a community, the email that goes out does not contain the temporary password. Instead it contains the type of link shown above, force.com/login?c=<confirmation token>. However, the changePassword call requires the temporary password.

How can I get a temporary password in my community forgot password email? If I can't do that, can I read in the confirmation token on my custom page somehow?

Best Answer

Currently, custom domains are not possible with SSL/HTTPS, which is required for the specific use case you're talking about here.