The Hosted Login v2 resetPasswordCodeExchange

ImportantIdentity Cloud's 2FA feature is currently in Limited Availability. Please contact your Akamai representative as usage of 2FA features must be approved during Limited Availability. If you're looking for the Hosted Login v1 version of this screen, click here.


The resetPasswordCodeExchange screen is displayed when a user clicks an invalid reset password link; these links are emailed to users who click the Forgot Password? link on the sign-in screen and then supply a valid email address. Typically this screen is displayed because one of the following scenarios took place;

  • The reset password link has already been used: password reset links are for one-time use only. In fact, suppose you click a reset password link then, for whatever reason, don’t reset your password. A few minutes later, you click the reset password link again. When you do that, you’ll see the resetPasswordCodeExchange screen. That’s because the link has already been clicked once, even though you didn’t do anything after clicking the link.
  • The reset password link has expired: by default, these links are only valid for 15 minutes. If 15 minutes is too long (or too short), you can modify the lifetime for a reset password link by using the recover_code_lifetime setting.

Reset Password Screen Flow

The following graphic shows how the resetPasswordCodeExchange screen fits into the Reset Password flow.

The resetPasswordCodeExchange Screen : Technical Documentation