Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

Best practice for placement of resetPasswordProperties node in case of authentication using AccountManagementService API

Avatar

Level 2

I could see the node being placed under /content in AEM in the reference article below

http://www.sgaemsolutions.com/2017/07/reset-password-using.html

Would it be best to maintain it below content ?

1 Accepted Solution

Avatar

Correct answer by
Level 9

Hello,

 

I think its depend on your approach how you are planning to implement it. If, you are cross verifying via managing some validation that the person who is accessing this URL is same who requested for reset password then you are doing ok because you can easily stop those unwanted hit during validation (also, you can apply permission on this node hierarchy for access). But, if not then and want to protect your system from unwanted hits then captcha or moving this path configuration to Site context aware configuration (via wcm.io https://experienceleague.adobe.com/docs/experience-manager-core-components/using/developing/context-...) will be better approach.

 

I hope, it helps you to make decision.

 

Thanks!!

View solution in original post

1 Reply

Avatar

Correct answer by
Level 9

Hello,

 

I think its depend on your approach how you are planning to implement it. If, you are cross verifying via managing some validation that the person who is accessing this URL is same who requested for reset password then you are doing ok because you can easily stop those unwanted hit during validation (also, you can apply permission on this node hierarchy for access). But, if not then and want to protect your system from unwanted hits then captcha or moving this path configuration to Site context aware configuration (via wcm.io https://experienceleague.adobe.com/docs/experience-manager-core-components/using/developing/context-...) will be better approach.

 

I hope, it helps you to make decision.

 

Thanks!!