Just happen to identify a bug in Salesforce today.
Scenario:
Need to do password reset for a user in sandbox.
However user email is appended with “.invalid” by default.
Edit the user record remove “.invalid” and check “Generate new password and notify user immediately”.
User got the link to confirm new email address. Upon click on the link – expectation is to get he new email (valid) address gets updated in user record.
However actually what happening is user is asked to provide verification token but it is sent to email address with “.invalid” appendix.
Solution:
To overcome this problem at our end. We need to approach in two steps.
- Update the email address, let user verify the new email address
- Then reset the password.
