<![CDATA[Forgot Password]]>

<![CDATA[Forgot Password]]>Hi,

We are using anonymous_client.forgot_password to reset the forgotten passwords. We have noticed that the API never returns 404 (The User could not be found.) status code, even if the provided email address does not exist. It returns 200.

Could you please have a look?

Best regards,
JM

]]>https://fusionauth.io/community/forum/topic/3115/forgot-passwordRSS for NodeThu, 23 Apr 2026 18:03:23 GMTThu, 09 Apr 2026 21:41:06 GMT60<![CDATA[Reply to Forgot Password on Thu, 16 Apr 2026 23:20:46 GMT]]>@johnmiller I'm not 100% sure but that may be by design. You don't want to give away too much information. If it returned a specific error code, then you would know if the user exists or not.

]]>https://fusionauth.io/community/forum/post/8583https://fusionauth.io/community/forum/post/8583Thu, 16 Apr 2026 23:20:46 GMT