Issues with reset password and activation emails

We’re having problems with some users where the reset password email may show one of these problems:

1. The user does not receive the email
2. The link in the email redirects to /account/invalid_token
3. The link doesn’t appear in the email – i.e. the button to reset is there, but it’s not clickable

(The above can happen with the account activation emails but I don’t think we trigger them via Graphql)

The query is:

#graphql
  mutation customerRecover($email: String!) {
    customerRecover(email: $email) {
      customerUserErrors {
        code
        field
        message
      }
    }
  }

The endpoint we’re using is: /api/2024-01/graphql.json

Any suggestions as to how this can be addressed?

Hey @j_user,

Thanks for reporting this here. Off hand, I do notice you’re using an outdated endpoint so you may want to update that to a current version.

The mutation itself is correct though so I don’t see the version causing issues here. Do you by chance have the x-request-id from the mutation where it resulted in unexpected behavior?

Also, is this happening on a single shop or are you noticing this happening across multiple shops? How frequently do you notice this happening?

Thanks for your reply.

I’ve got three x-request-id from two different accounts:

1. Account A (failed request): 93678c3b-45a0-4ab3-bae2-28024f66fa05-1752485222
2. Account B (failed request): 216162c0-cd4b-4790-9255-aaba5f76136b-1752488672
3. Account B (successful request): ee1b8da2-c403-4e6c-9c85-799da8c0d688-1752488904

These were requests to reset the password and uses 2025-07 version. They both exhibit issue where the link in the email redirects to /account/invalid_token.

It’s happening on a single shop (I don’t have any other stores to compare it to). I don’t have any data on the frequency across different users, but at least with the Account A above, it seems to consistently result in one of the issues I mentioned in the initial post.

Hi. Not sure if this helps but we have a very similar issue in our shop as well: BUG: Account invite and password reset email not working

Difference is that we don’t use the API to trigger the password reset/account invite.

Yeah I saw the link back to my post. I think I’ll be discussing my issue via a support ticket now, but I’ll keep this thread updated. Hopefully we can get it solved soon!

That would be very nice, thank you!

Hey @Marco_Bogner and @j_user,

I’ve been doing some digging in here. Can you tell me if re-sending a second time works?

Hi @KyleG-Shopify Yes, in my case resending usually works.

Mine doesn’t seem consistent between accounts. Account A I mentioned above seems to consistently have a problem. Account B has had random issues where the link wouldn’t be clickable (maybe about 2/3 times it would work), but for the first time when I tested to get the x-request-id I got the issue where we got the invalid token issue, and then the test after that was fine.

Hi @KyleG-Shopify Do you have any updates on this?

Hey Marco, the issue should be resolved. Can you test again and see if it’s working as expected now?

If not, let me know what issues you’re still seeing as there have been a few different ones reported in this thread.

Hey Kyle, I’ve been speaking to support over email and they’ve said that the fix is in progress, so not yet implemented? Or is it a different issue you’re referring to?

Hey! You did report multiple issues. Are you still seeing any of the reported unexpected behaviour happen?

Hey. Are you still experiencing this issue, or can I mark this as solved?

Yep, issue seems to be solved now. Sorry for the delay as I was waiting for response regarding a question via email support.

Appreciate your help, Kyle. Thank you!