Helpdesk is on internal full vanity and triggers a password reset for an end user.

The end user should receive an e-mail with the internet-facing end user accessible vanity URL, not the internal admin.

A process such as password reset is designed to use URLs that are based on the URL that was used to start the flow.

The template personalization process (and perhaps other kinds of personalization processes) may need adjusting to properly align with the vanity URL that almost always is the anchor for personalization.

VIP Authentication Hub 3.4.2;

Upgrade VIP Authentication Hub to version 4.0 (former 3.5) to fix this issue.

The fix is to introduce a new InternalIdStore setting called EndUserPasswordResetVanityURLs selector for the Admin to choose to configure the supported vanity URLs.

If the selected Vanity URLs are two or more, then:

• A dropdown is shown in the reset password pop screen for Admin on the Console;
• And also a new Account Activation Link on the create User screen:

| URL                    | Drop Down    | Default             |
|------------------------+--------------+---------------------|
| default URL            | No drop down | default selection   |
| custom URL             | No drop down | default selection   |
| 1 Vanity URL           | No drop down | default selection   |
| More than 1 Vanity URL | Drop down    | Drop down to choose |

If the Configuration has a CustomURL defined, that overrides and drops down is not shown on AdminConsole.