Skip to content

fix(core): allow initial password setup without verification#8746

Open
wangsijie wants to merge 2 commits intomasterfrom
wangsijie-initial-password-setup
Open

fix(core): allow initial password setup without verification#8746
wangsijie wants to merge 2 commits intomasterfrom
wangsijie-initial-password-setup

Conversation

@wangsijie
Copy link
Copy Markdown
Contributor

@wangsijie wangsijie commented Apr 30, 2026
edited
Loading

Summary

Allow Account API users who have no password, primary email, or primary phone to set their first password without a logto-verification-id.

This keeps verification required for users who already have password, primary email, or primary phone, and keeps the relaxation scoped to POST /api/my-account/password. Account Center now skips the empty verification method screen for zero-method users and sends the password update request without the verification header only in that initial setup path.

Also updates the Account API OpenAPI description and adds a changeset.

Design doc

https://www.notion.so/silverhand/Allow-initial-password-setup-without-prior-verification-35026f6af1dc818c9a4be2f689c5bd8e

Testing

Integration tests

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 30, 2026
edited
Loading

COMPARE TO master

Total Size Diff 📉 -6.19 KB

Diff by File
Name Diff
.changeset/initial-password-setup.md 📉 -167 Bytes
packages/account/src/apis/account.ts 📉 -123 Bytes
packages/account/src/pages/Password/index.tsx 📉 -383 Bytes
packages/account/src/utils/security-page.test.ts 📉 -801 Bytes
packages/account/src/utils/security-page.ts 📉 -214 Bytes
packages/console/src/pages/SignInExperience/PageContent/SignUpAndSignIn/SignUpForm/SignUpProfileFieldsEditBox/SignUpProfileFieldItem.module.scss 📉 -476 Bytes
packages/console/src/pages/SignInExperience/PageContent/SignUpAndSignIn/SignUpForm/SignUpProfileFieldsEditBox/SignUpProfileFieldItem.tsx 📉 -685 Bytes
packages/console/src/pages/SignInExperience/PageContent/SignUpAndSignIn/SignUpForm/SignUpProfileFieldsEditBox/index.module.scss 📉 -287 Bytes
packages/console/src/pages/SignInExperience/PageContent/SignUpAndSignIn/SignUpForm/SignUpProfileFieldsEditBox/index.tsx 📉 -4.63 KB
packages/console/src/pages/SignInExperience/PageContent/SignUpAndSignIn/SignUpForm/index.tsx 📉 -317 Bytes
packages/console/src/pages/SignInExperience/PageContent/utils/parser.test.ts 📉 -1.32 KB
packages/console/src/pages/SignInExperience/PageContent/utils/parser.ts 📉 -759 Bytes
packages/console/src/pages/SignInExperience/types.ts 📉 -498 Bytes
packages/core/src/routes/account/index.openapi.json 📉 -199 Bytes
packages/core/src/routes/account/index.ts 📉 -328 Bytes
packages/integration-tests/src/api/my-account.ts 📉 -68 Bytes
packages/integration-tests/src/tests/api/account/initial-password-setup.test.ts 📉 -5.08 KB
packages/phrases/src/locales/ar/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -338 Bytes
packages/phrases/src/locales/de/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -252 Bytes
packages/phrases/src/locales/en/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -235 Bytes
packages/phrases/src/locales/es/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -262 Bytes
packages/phrases/src/locales/fr/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -275 Bytes
packages/phrases/src/locales/it/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -247 Bytes
packages/phrases/src/locales/ja/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -322 Bytes
packages/phrases/src/locales/ko/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -268 Bytes
packages/phrases/src/locales/pl-pl/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -248 Bytes
packages/phrases/src/locales/pt-br/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -261 Bytes
packages/phrases/src/locales/pt-pt/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -264 Bytes
packages/phrases/src/locales/ru/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -329 Bytes
packages/phrases/src/locales/th/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -397 Bytes
packages/phrases/src/locales/tr-tr/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -251 Bytes
packages/phrases/src/locales/zh-cn/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -246 Bytes
packages/phrases/src/locales/zh-hk/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -258 Bytes
packages/phrases/src/locales/zh-tw/translation/admin-console/sign-in-exp/sign-up-and-sign-in.ts 📉 -258 Bytes

@github-actions github-actions Bot added size/m and removed size/m labels Apr 30, 2026
@wangsijie wangsijie marked this pull request as ready for review April 30, 2026 04:35
chatgpt-codex-connector[bot]
chatgpt-codex-connector Bot reviewed Apr 30, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: a9ac01a94f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/account/src/pages/Password/index.tsx
@github-actions github-actions Bot added size/m and removed size/m labels Apr 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

@simeng-li simeng-li Awaiting requested review from simeng-li simeng-li is a code owner

@charIeszhao charIeszhao Awaiting requested review from charIeszhao charIeszhao is a code owner

@gao-sun gao-sun Awaiting requested review from gao-sun gao-sun is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@wangsijie wangsijie

Labels

bugfix size/m

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wangsijie