auth.password_reset
event, passing it the token as a payload. You can listen to that event in a subscriber as explained in this guide, then send the customer a notification. The notification is sent using a Notification Module Provider, and it should have a URL that accepts a token
query parameter, allowing the customer to reset their password from the storefront.curl -X POST '{backend_url}/auth/customer/emailpass/reset-password' \
-H 'Content-Type: application/json' \
--data-raw '{
"identifier": "customer@gmail.com"
}'
{
"message": "Discount must be set to dynamic",
"type": "not_allowed"
}