Hey @Sergio_Carbonete - can you describe the end-user flow you’re trying to achieve here?
You can use the custom password reset here without having to use the email reset. The SDK APIs have two functions:
CallResetPasswordFunctionAsync(String, String, Object)
ResetPasswordAsync(String, String, String)
To avoid using email reset, you can pass in custom parameters into the first function, e.g.
callResetPasswordFunction("myUsername", "newPassword", ["Security Question Answer 1"])
In this example, you could use the security question to validate some logic and then return “success” to immediately reset the password to the new password, or return “pending”. If you return “pending”, note that you will have to do something with the token and tokenID which get generated and are available in the context for the handler for
CallResetPasswordFunctionAsync(String, String, Object) on the Realm backend. (e.g. you can send these tokens to the user in a text, custom email, etc). The password will only fully reset if you call the second function with the token and tokenID w/
ResetPasswordAsync(NewPassword, Token, TokenID)