Feature: It would be really useful to us if there was a built in email template that can be configured to be sent out when a user’s password is changed.
Description: This is a relatively common thing to see out in the wild. When you change your password you receive an email that says “Your password to account [username] was changed on [date] from [location]. If this wasn’t you please click the link below / contact support at [phone no]”
I’m aware we could do this with a “post-password-change” action but then we have to build/implement/deploy an email templating engine to be called by this when an email templating engine is already available inside the product.
Our security team are surprised that this doesn’t already exist as a feature in Auth0 and have requested that we raise it as a feature request.
Use-case: We are moving from Duende Identity Server to SAAS with Auth0 for protecting our paid customer information portal where paying users can log in and get access to commodity data that they are subscribed to.
To help mitigate the risk of account sharing or un-authorized access/password changing we want to be able to notify the account holder when their password has been changed.
While we appreciate that this is possible via that method we would like to request that this is also added as a built-in feature of Auth0.
This is due to the fact that email templating and sending is already built into Auth0 and we would ideally like to be able to re-use that for this email, rather than having to roll our own templating and sending code which comes with a higher risk of introducing mistakes, errors or security holes.
Could this please be added as a feature request to the Auth0 backlog even though it’s technically possible to roll our own solution?