Send a password reset request
Sends a password reset request to an email address. This method supports the PKCE flow.
- The password reset flow consist of 2 broad steps: (i) Allow the user to login via the password reset link; (ii) Update the user's password.
- The
resetPasswordForEmail()
only sends a password reset link to the user's email. To update the user's password, seeupdateUser()
. - A
SIGNED_IN
andPASSWORD_RECOVERY
event will be emitted when the password recovery link is clicked. You can useonAuthStateChange()
to listen and invoke a callback function on these events. - When the user clicks the reset link in the email they are redirected back to your application.
You can configure the URL that the user is redirected to with the
redirectTo
parameter. See redirect URLs and wildcards to add additional redirect URLs to your project. - After the user has been redirected successfully, prompt them for a new password and call
updateUser()
:
1const { data, error } = await supabase.auth.updateUser({
2 password: new_password
3})
Parameters
email
REQUIRED
stringThe email address of the user.
options
Optional
objectcaptchaToken
Optional
stringVerification token received when the user completes the captcha on the site.
redirectTo
Optional
stringThe URL to send the user to after they click the password reset link.
const { data, error } = await supabase.auth.resetPasswordForEmail(email, {
redirectTo: 'https://example.com/update-password',
})