Skip to main content
Send password reset and authentication alert notifications through Novu by triggering a workflow when your auth provider emits a security event. Novu delivers the reset link or alert via email, in-app, or SMS depending on your workflow configuration.

How do I send a password reset notification?

  1. Create a workflow (for example, password-reset) with an email step containing the reset link: {{payload.resetUrl}}.
  2. When your auth system generates a reset token, trigger the workflow with the subscriber’s ID and payload.
import { Novu } from '@novu/api';

const novu = new Novu({ secretKey: process.env.NOVU_SECRET_KEY });

await novu.trigger({
  workflowId: 'password-reset',
  to: { subscriberId: user.id, email: user.email },
  payload: {
    firstName: user.firstName,
    resetUrl: `https://app.example.com/reset?token=${token}`,
    expiresInMinutes: 30,
  },
});
  1. Optionally add an in-app step to notify the user that a reset email was sent.

How do I integrate with Auth0 or Clerk?

Use webhook guides to connect your auth provider to Novu: Both patterns verify the webhook signature, map the auth event to a Novu workflow, and pass user details as the subscriber payload.

What should a password reset workflow include?

  • Email step with a clear subject, reset link, and expiration time
  • Throttle step (optional) to prevent abuse if the same subscriber triggers multiple resets
  • In-app step (optional) to confirm the request inside your application

Frequently asked questions

No. Generate and validate reset tokens in your auth system. Pass only the reset URL and metadata to Novu as workflow payload variables.
Yes. Add an SMS step to your workflow and ensure the subscriber has a phone number. Use SMS for high-priority alerts such as new device sign-in.