I'm making a game that requires email authentication (or no authentication). Since PlayFab's session ticket isn't valid when starting the game again, to avoid asking the player to log in every time I'm implementing the solution suggested in other questions, to generate and link a unique custom id, store it locally in the device, and log in with that.
The issue I see is that the custom id will basically exist forever, even if the player resets the password; as a user I'd expect not to be able to log in from anywhere without my email & password after resetting it. So I thought about adding a Cloud Script that unlinks the custom id when the password reset event is triggered, but there doesn't seem to be a way to do it from the server API, and it looks like I can't access the client API from a Cloud Script. Is there any way to do so, or other way to achieve what I want?