The forgot password link in the login page allows the user to enter the operator ID and sends an OTP in an email to the given email ID in the operator ID rule form. I would like to know the rule that generates this OTP. I was able to find the correspondence rule that is used in the email. But it takes a property names .pyOTP which already has the OTP generated when the correspondence is executed.
I was not able to get any rules on checking the references both of the property and the correspondence.
Tracing the guest requestor also didn't give much details on the source of the OTP.
Thanks for the response. I was able to get the API activity when i searched with the string "OTP". But when i tried tracing the guest requestor i was not able to find the mentioned activity at all. Although your response answers the query, would you mind telling me what i am missing here?
I could see that the correspondence "pyForgotPasswordOTPCorr" is being used in the trace but more than that as to the source of the OTP generation.
Note : The actual answer to the question can be found by looking at the below rules:
Activities - pzRequestHandler --> pzSendOTP --> pxSendOTP (contains a java step) tools.getAuthorizationHandle().getOTPManager().generate(context,longLivedToken,tools);
IOTPGenerationInfo generate(java.lang.String aContext,
aContext - : context for which the OTP has to be generated
isLongLived - : Check true if this is a long lived token to persist in the DB
aTools - : PublicAPI instance for current context
Returns the result in the object