Understanding the Scenario
The scenario involves a custom LWC registration form on a public-facing Experience Cloud site (Site A) that, upon submission, calls an Apex method. This Apex method inserts an Account, a Contact, and a User record with the ‘Customer Community Login User’ profile, and then executes System.resetPassword(u.Id, true) to trigger the welcome/password reset email. After this process, the user is redirected to the login page of the private portal site (Site B), where they encounter the “Invalid Credentials” error.
ApexMethod.cls
@AuraEnabled
public static void saveRegistration(String companyName, String email, String contactName) {
try {
Account acc = new Account(Name = companyName);
insert acc;
Contact con = new Contact(LastName = contactName, Email = email, AccountId = acc.Id);
insert con;
Profile p = [SELECT Id FROM Profile WHERE Name = 'Customer Community Login User' LIMIT 1];
User u = new User(
Username = email + '.portal',
Email = email,
ContactId = con.Id,
ProfileId = p.Id,
Alias = contactName.take(5),
TimeZoneSidKey = 'Asia/Kolkata',
LocaleSidKey = 'en_IN',
EmailEncodingKey = 'UTF-8',
LanguageLocaleKey = 'en_US'
);
insert u;
System.resetPassword(u.Id, true);
} catch (Exception e) {
throw new AuraHandledException(e.getMessage());
}
}
Root Cause Analysis
The root cause of the issue lies in the fact that System.resetPassword(u.Id, true) does not immediately activate the user for login. The user needs to first reset their password by clicking on the link provided in the welcome email before they can log in successfully.
This misunderstanding leads to the “Invalid Credentials” error because the user is trying to log in before completing the password reset process.
Fixing the Issue
To resolve this issue, it is crucial to ensure that the user completes the password reset process before attempting to log in. This can be achieved by modifying the registration flow to include a step where the user is prompted to check their email for the password reset link and follow the instructions to reset their password.
Heads up: Ensure that the email address associated with the User record is valid and accessible to the user, as the password reset link will be sent to this email address.
Checklist for Resolution
Steps to Resolve the Issue
- Modify the Apex method to include a step for sending a custom email with password reset instructions if needed.
- Ensure the User record is properly inserted with the correct profile and contact information.
- Verify that System.resetPassword(u.Id, true) is correctly triggering the welcome/password reset email.
- Test the registration flow to ensure the user can successfully reset their password and log in.
- Consider implementing additional error handling and logging in the Apex method to help diagnose any future issues.
Frequently Asked Questions
What if the user does not receive the password reset email?
Check the user’s email address for accuracy and ensure that the email was not flagged as spam. Also, verify that the System.resetPassword method is correctly configured to send the email.
Can I customize the password reset email template?
Yes, you can customize the template using Salesforce’s email template features, allowing you to brand the email and provide additional instructions or support information.
How long does it take for the password reset link to expire?
The password reset link typically expires after a certain period, which can be configured in Salesforce. It is essential to inform the user to reset their password promptly to avoid expiration.
What if the user forgets their password after the initial reset?
The user can use the “Forgot Password” feature on the login page to initiate another password reset process.
Need help shipping this in production?
Genetrix builds and untangles Salesforce Marketing Cloud and Agentforce setups for teams that want it done right the first time. If anything in this post sounds familiar, talk to us before it ships.
