Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Best practice for placement of resetPasswordProperties node in case of authentication using AccountManagementService API

Avatar

Level 2

I could see the node being placed under /content in AEM in the reference article below

http://www.sgaemsolutions.com/2017/07/reset-password-using.html

Would it be best to maintain it below content ?

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hello,

 

I think its depend on your approach how you are planning to implement it. If, you are cross verifying via managing some validation that the person who is accessing this URL is same who requested for reset password then you are doing ok because you can easily stop those unwanted hit during validation (also, you can apply permission on this node hierarchy for access). But, if not then and want to protect your system from unwanted hits then captcha or moving this path configuration to Site context aware configuration (via wcm.io https://experienceleague.adobe.com/docs/experience-manager-core-components/using/developing/context-...) will be better approach.

 

I hope, it helps you to make decision.

 

Thanks!!

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

Hello,

 

I think its depend on your approach how you are planning to implement it. If, you are cross verifying via managing some validation that the person who is accessing this URL is same who requested for reset password then you are doing ok because you can easily stop those unwanted hit during validation (also, you can apply permission on this node hierarchy for access). But, if not then and want to protect your system from unwanted hits then captcha or moving this path configuration to Site context aware configuration (via wcm.io https://experienceleague.adobe.com/docs/experience-manager-core-components/using/developing/context-...) will be better approach.

 

I hope, it helps you to make decision.

 

Thanks!!