I have a doubt regarding the email verification.
I enabled the database and users can now log in with username and password. Now, I would like them to verify the email before using my application.
As soon as they sign up, the verification email is sent and they can verify it. Everything is good that way.
What if this email is lost, removed or expired? To enforce the email verification, the user should have a way to ask for the verification email to be sent.
Is there a way to implement this from the UI? Where should I look at?
Here’s the endpoint to use (Auth0 Management API) for an additional verification email to be re-sent.
Thanks @moonkrj ! Still, I try to use that endpoint and I am unauthorized. If I use the access token, I get an Unathorized Error regarding a Bad Audience. My audiences are my custom API and /userinfo.
Would setting the client domain as an audience help? If so, how can it be done (or is it a good practice)?
The thing is that the token needs the update:users scope. You may receive a token with this scope using the request
https://<tenantName>.auth0.com/oauth/token , however, it implies that client info will be visible (tried that with GitHub Project do my homework for me).
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.