So we don't have these built in (yet), but you can customise the flow fairly easily to enable these:
-------------------------------
For temporary password:
- I assume that the user will be created by the admin with a temp password. This can be done by calling our sign up API. You want to override the sign up API and after the original implementation is finished, you want to set the user's metadata to reflect that the password is temporary.
- When the user signs in with the temp password, you want to modify the session's access token payload to indicate that the password is still temporary. Then check for this in your APIs (post session verification) and on the frontend - if this the payload indicates that the pass is still temporary, then do not grant access to the user. Instead, redirect them to a page which asks them to change their password (you can build this page or take them through the built in reset password flow here).
- You can then override the password reset API on the backend and modify the session's access token payload to indicate that the password is no longer temporary, thereby giving them access to your APIs.