I have an API that handles password resets and part of the process of changing a password involves clicking a link in an email that then has a HTTP 302 Redirect
HTTP 302 Redirect
