I'm using basic password services. In other scenarios like change password, max retries etc, the smpwservices.fcc does put &USERNAME=username in the query string when it's redirecting to the smpwservices.fcc
However on SMAUTHREASON=20 (ImmedPasswordChange), it doesn't put the username parameter in the query string. The username parameter however is present in the SMTOKEN parameter in a encoded format.
This causes the fcc to ask for the username instead of just the old and new passwords. In the older smpwservicescgi.exe the username was available as a query string. This extra step is undesirable. Is this a known issue?