Restrict password reset based on user role

Hi, how can I restrict password reset functionality based on user role? I.e., the user clicks ‘Forgot password’, enters their email, then I check if the user has the role ‘permanent-user’ and return an error stating ‘Not allowed to reset password’.
I tried to play with the ‘reset credentials’ authentication flow. I can use ‘Conditional - user role’, but could not figure out how to set it up correctly. Or maybe it is not possible to do it with the ‘reset credentials’ flow?
If it is not possible with the ‘reset credentials’ flow, any advice on which Service Provider Interfaces to use in order to override the default flow?