Hi all,
I wanted to mention that I implemented the flow as suggested by @ido in his post above under the New Process section.
I coded everything so the auth control is in the hands of Firebase Auth. When the customer forgets their password, they receive one email from Firebase (which I can customize to my liking). Once they re-login with the new password and is validated by Firebase Auth, I set the new password via the provided Particle api endpoint throught a Firebase Cloud function.
All in all my password reset flow is better this way since the customer receives only one customizable email and not two Particle identical emails like before.
Thank you guys for the support.
Gustavo.