Hello everyone! I’d like to ask if anyone managed to implement password reset? And does it work from TestFlight as well, or does it need to be published?
Thanks.
[UPDATED 9/24/25]
This will be added to the documentation as well but if you’d like to implement sending the password reset link on your own, this is the formatting for the deep link you’ll want to use:
[users_app_scheme]://reset_pw?reset=[reset_token]
Note: if you do not have an app scheme set, it will be app-[appID]
So for example, lets say my app is called basic-mobile-app, the password reset deeplink is
app-basic-mobile-app://reset_pw?reset=[result of step send reset password email]
HOWEVER - emails notoriously do not like deep links so its very possible the above format will not be recognized properly. As such, the following URL structure should be used if the password reset link is going to be sent via email:
https://[app-domain]/api/1.1/deep-link-redirect/[app-scheme]://reset_pw?reset=[reset-token]
so in my test app’s case, it would be:
https://basic-mobile-app.bubbleapps.io/api/1.1/deep-link-redirect/basic-mobile-app://reset_pw?reset=[result of step send reset password email]
4 Likes
awesome!!! thank you Nick!
can we use magic link login now?
I’d like to ask if anyone managed to implement password reset?
I have the same question. Can anyone share step by step guide please on how to make this password reset flow work in native mobile
@petter is there a guide on the manual for the above yet? Looks like it’s in high demand 
The docs are currently in review, but coming shortly—keeping an eye on this thread too 
1 Like
It works when I use Apple Mail. However, it broke in Gmail using Chrome. I should’ve noticed the updated URL structure parts.
Also, what it would be if I don’t have an app scheme? Should I change it to app-[appID]?
Updated:
I followed the URL structure and set an app scheme, but I still got a 404 error on both Chrome and Safari.
What Gemini explains me why this Custom URL Scheme works:
“““Here’s the breakdown and the most likely reasons for the failure on Android:
- The Core Problem: Deep Link Verification on Android
iOS (Universal Links) and Android (App Links) both rely on web domains for security and a smooth experience, but the setup is different, and Bubble’s wrapper/redirect service may not be configured correctly for Android.
iOS (Worked): When you used app-[appID]://… directly, Safari recognized it as a Custom URL Scheme and attempted to launch the app. This is a simpler mechanism than Universal Links/App Links, which is why it often works without the web-based redirect.
Android (Failed with 404): The link https://[app-domain]/api/1.1/deep-link-redirect/[app-scheme]://reset_pw?reset=… attempts to use the Bubble-provided HTTPS redirect service.
The 404 error means the redirect service is NOT active or NOT found on your Android/Chrome configuration. This is the primary point of failure. The redirect service should convert the HTTPS link into the custom scheme link (app scheme://…) and launch the app.
- Most Likely Cause: Android App Links (Digital Asset Links)
On Android, for a web-based link (https://yourdomain/…) to automatically open an app without a prompt, the system needs to verify that the app owns the domain. This verification is done using a file called assetlinks.json on your domain.
When you build a native wrapper (like the one Bubble uses), the build process is supposed to handle the setup of Android App Links. If this setup failed or if a key detail is missing, the entire redirect chain will break on Android.”””
@nick.carroll Can we confirm that? Thanks!
Hi I was able to have the mobile password reset link work just fine on Android. How are you testing?
I received the reset password link in my Gmail. I opened the link in Chrome on Android, but it failed to load. The error message displayed was 404: page does not exist. I’m using a Google Pixel 7a with the latest Android 16 version.
Is it the default link from the built in workflow action or did you construct your own link using the pw reset token?
Yes, I constructed my own link using the pw reset token following your suggested “deep link URL structure”.
Update:
- What method are you using to make it work on Android?
[users_app_scheme]://reset_pw?reset=[reset_token]
or
https://[app-domain]/api/1.1/deep-link-redirect/[app-scheme]://reset_pw?reset=[reset-token]
- I initially tested the app on TestFlight using App ID. It worked but failed on Android Chrome with the custom URL method. I also tested it with the https deep link method on iOS Safari and Android Chrome, but both failed. Despite a major build with a new app scheme, the issue persists. I’m concerned that my new app scheme isn’t properly registered on the Bubble redirect service and the app still recognizes the old scheme.
You may need to use the “formatted as URL” operator on an arbitrary text that contains the [app-scheme]://reset_pw?reset=[reset-token] part of the URL for it to work reliably across the board
In the email, your full link would look something like https://[app-domain]/api/1.1/deep-link-redirect/arbitrary text:formatted as URL
We realize that this is a horrible user experience and are going to be doing a fast follow that will allow you to just grab the entire formatted link rather than having to construct it. Stay tuned…
2 Likes
Update:
The :formatted as URL operator, when finally executed correctly by the server (after the delayed OTA update), was the fix. Although it is certainly not a “pretty URL” in the reset password email.
My suggestions:
“Enabling BubbleGo to test more native functions instead of waiting for slow OTA update would have saved days of troubleshooting 404 error.”
We have our app live in mobile beta on the app store. The password reset function seems to be working unitl the app opens.
-
user clicks forgot password
-
email is sent and reieved
-
user clicks the link in the email (gmail)
-
app is launched
-
app screen is white
Not sure what I might be doing wrong or if there is a bug? Is there more documentation on this? Maybe tomorrow I can try this with a user that has an icloud account to see if that makes a difference. looking at the deep link in the dev tools, it seems there is a capital “F” right before the reset_pw in both places so Freset_pw. Would it help if I tried hardcoding the deep link verses using the built in password reset link?
Sounds like this feature was ill conceived and everyone is having issues. Did anyone get it to work?
I get notified that it’s an invalid password reset request whenever I try to use it.
Are you close to having this work on BubbleGO? Right now I don’t see how to create an account for someone else in dev because the only way that account can be fully setup is by that user resetting their password and thats not possile to do in dev.
I really wish that Bubble would shift focus from their obsession with AI to getting the basic functionality working on the mobile app.
With our latest live build, it is now redirecting to the web reset password page. Which I believe will be enough for app approval.