How does a user get their lost password

Kofi Hamilton

I'm using SSO redirect logins (which is not working - but thats a headache for another discussion)

In our former getactive solution we had a retrieve password link that worked perfectly. I've searched and searched and searched and I can't find any documentaion on what the url for the retrieve lost password link is.

Any help will be appreciated - We have 'migrated' to convio but our site is currently unusable because the API is failing us.

Stephen O

Kofi, please try this URL convention: https://{convio-hostname}/site/UserLogin. Your constituents can use the form on this page to retreive their password.

Greg Zelder

Stephen O:

Kofi, please try this URL convention: https://{convio-hostname}/site/UserLogin. Your constituents can use the form on this page to retreive their password.

On a related note, I am trying to build a set of reusable login management components, such that I can embed it in any wrapper so a user can login, get a password hint, reset, etc without navigating to UserLogin and away from the page they're looking at.

Is it at all possible to retrieve a password hint or trigger the password email reminder without using the UserLogin page? I suppose I'm probably missing something obvious in the docs, so if that's the case please point me in the right direction!

Steve Mook

Greg Zelder:

On a related note, I am trying to build a set of reusable login management components, such that I can embed it in any wrapper so a user can login, get a password hint, reset, etc without navigating to UserLogin and away from the page they're looking at.

Is it at all possible to retrieve a password hint or trigger the password email reminder without using the UserLogin page? I suppose I'm probably missing something obvious in the docs, so if that's the case please point me in the right direction!

Greg,

Call the CRConsAPI:login method with the constituent’s email address in the email parameter and send_user_name=true. A message with the user name and password will be mailed to that user’s email address.

Steve

Greg Zelder

Steve Mook:

Greg,

Call the CRConsAPI:login method with the constituent’s email address in the email parameter and send_user_name=true. A message with the user name and password will be mailed to that user’s email address.

Steve

As far as I can tell, this method sends the username only. Is there something else I must do to get the username/password email?

We've also run into another problem involving a login form which only requires last name and member ID (confusingly, though, the member ID our members input here is actually custom_number4). Using method=authenticateUser works just fine unless the constituent has an empty primary_email, which happens fairly often when we upload constituent data from Raiser's Edge. When the email is null, the entire site breaks with a servlet error saying 'primary_email cannot be empty' .

Is this something I can work around? I've been trying without success for days here...

Chris Steipp

Steve Mook:

Greg,

Call the CRConsAPI:login method with the constituent’s email address in the email parameter and send_user_name=true. A message with the user name and password will be mailed to that user’s email address.

Steve

I've also been trying to get the password to be sent when I inlcude the email and "send_user_name=true" parameters to the login method, but only the username is emailed. Are there extra parameters that need to be added to get the email to include the password?

Steve Mook

Chris Steipp:

I've also been trying to get the password to be sent when I inlcude the email and "send_user_name=true" parameters to the login method, but only the username is emailed. Are there extra parameters that need to be added to get the email to include the password?

Every now and then, I'll come across a case where my test environment is configured precisely opposite our clients' production environments. I think we do this just to keep ourselves humble. It tends to happen where security and convenience diverge, as in this case.

So, there is at present a bug in login API. To get a production site to return a password email from a call to the login, you must either contact Convio support to update a session data parameter to match the configuration we use in test, or log in to Convio, go to Setup / Autoresponders, and override the default Login / Send User Name auto-responder with the contents of the Login / Send Password auto-responder. With either work-around, new users will also be emailed thier password when they register, which is not now Convio's default behavior, and is considered less secure.

--Steve

Matthew Smith 2

Steve Mook:

Every now and then, I'll come across a case where my test environment is configured precisely opposite our clients' production environments. I think we do this just to keep ourselves humble. It tends to happen where security and convenience diverge, as in this case.

So, there is at present a bug in login API. To get a production site to return a password email from a call to the login, you must either contact Convio support to update a session data parameter to match the configuration we use in test, or log in to Convio, go to Setup / Autoresponders, and override the default Login / Send User Name auto-responder with the contents of the Login / Send Password auto-responder. With either work-around, new users will also be emailed thier password when they register, which is not now Convio's default behavior, and is considered less secure.

--Steve

Is there a way for us to check on the status of this and other bugs?