Auth0 Require Email Verification issues

Hi,

We use this Require Email Verification from Auth0 to ensure our users verify their e-mail before signing in. This offen gives a issue as the customers don’t seems to be looking on their mails before moving on.

The only information send back to us in the URL is “Access Denied” nothing more. So how can we inform our customers that they need to verify their email before moving on.?

This is the module we use : https://marketplace.auth0.com/integrations/auth-0-require-email-verification?tab=install

Hi @mbh,

Welcome to the Auth0 Community!

I have just checked the Require Email Verification integration you shared and found, in the installation steps, it states that you should be able to configure the integration’s Error Message to set your preferred error_description.

However, when I tried to test this integration, I was not able to configure the integration’s error message.

Given that, I will let our Engineering teams know about this issue to have them look at this.

In the meantime, you could implement this Post-Login Action script as a workaround:

exports.onExecutePostLogin = async (event, api) => {
  if (!event.user.email_verified) {
    api.access.deny(`Please verify your email before continuing.`);
  }
};

Please let me know if you have any questions.

Thanks,
Rueben

The provided code here, don’t work.

Hi @mbh,

I have just tested this on my end and can confirm that the provided code works.

See screenshot below:

image1286×861 136 KB

Could you provide more details on the issue you are experiencing?

Thanks,
Rueben

Sure the customers do still get the “access denied” even after i added the code and all.

Hi @mbh,

Yes, they should see the URL structure that looks something like the following:

https://yourApp/callback?error=access_denied&error_description=%5Btest%5D%20force%20email%20verification%20action%20-%20Please%20verify%20your%20email%20address%20to%20continue%20to%Test%20Application&state=yourState

I see the url that is coming back is :
https://www.joybuggy.com/en/ checkout?error=access_denied&error_description=Access%20Denied&state=e4476cdd0693fc6cf823aa3dd9bfc141

Their are no more information then that. So it’s not really very usefull, when i go into the monitor part of auth0 i can see that the “issue” is that they has not yet verifyed their e-mail.

This “access denied” issue here is costing us a good amount of money ;(

Here is a user :

Raw data :

{
  "date": "2023-09-23T06:00:33.343Z",
  "type": "f",
  "description": "Access Denied",
  "connection_id": "",
  "client_id": "XX",
  "client_name": "Joybuggy.com Login",
  "ip": "XXX",
  "user_agent": "Firefox 117.0.0 / Windows 10.0.0",
  "details": {
    "body": {},
    "qs": {
      "state": "e4476cdd06dd9bfc141",
      "client_id": "XX",
      "redirect_uri": "https://www.joybuggy.com/en/checkout",
      "scope": "openid profile email",
      "response_mode": "query",
      "response_type": "code",
      "nonce": "0600d00c9f876a512f3181b43990e131",
      "code_challenge": "y9UiqJGbXO_nkrHjyFYJYO6dkEm2eXzq3Y2y3S64k5s",
      "code_challenge_method": "S256"
    },
    "error": {
      "message": "Access Denied",
      "oauthError": "access_denied",
      "type": "oauth-authorization"
    },
    "session_id": "8Bu8sWKttnUDr7m-EvgGvFsdpieLzFuh",
    "actions": {
      "executions": [
        "t2ajUYauRteGLll8MMb6DzIwMjMwOTIz"
      ]
    },
    "stats": {
      "loginsCount": 1
    }
  },
  "hostname": "joybuggy.eu.auth0.com",
  "user_id": "auth0|658589a0f1c7cd7706e",
  "user_name": "@.com",
  "audience": "https://joybuggy.eu.auth0.com/userinfo",
  "scope": [
    "openid",
    "profile",
    "email"
  ],
  "log_id": "90020230923060033408424000000000000001223372037860267257",
  "_id": "90020230923060033408424000000000000001223372037860267257",
  "isMobile": false,
  "id": "90020230923060033408424000000000000001223372037860267257"
}

Context data :

{
  "body": {},
  "qs": {
    "state": "xx",
    "client_id": "xx",
    "redirect_uri": "https://www.joybuggy.com/en/checkout",
    "scope": "openid profile email",
    "response_mode": "query",
    "response_type": "code",
    "nonce": "0600d00c9f876a512f3181b43990e131",
    "code_challenge": "y9UiqJGbXO_nkrHjyFYJYO6dkEm2eXzq3Y2y3S64k5s",
    "code_challenge_method": "S256"
  },
  "error": {
    "message": "Access Denied",
    "oauthError": "access_denied",
    "type": "oauth-authorization"
  },
  "session_id": "-",
  "actions": {
    "executions": [
      "t2ajUYauRteGLll8MMb6DzIwMjMwOTIz"
    ]
  },
  "stats": {
    "loginsCount": 1
  }
}

Skærmbillede 2023-09-23 kl. 11.31.151642×510 31.7 KB

So why do i not get any error messages here on why the user is blocked??

As you see below here we have a good amount of “failed signups” without any information on why other then “access denied” - We can’t even see why, how shell the customer know or our customer support help the customers?

Skærmbillede 2023-09-23 kl. 11.33.061660×1836 260 KB

Below here are my settings, did i set it up wrongly?

Skærmbillede 2023-09-23 kl. 11.37.071682×1732 180 KB

Skærmbillede 2023-09-23 kl. 11.37.202932×1312 205 KB

Skærmbillede 2023-09-23 kl. 11.37.362866×1282 196 KB

Skærmbillede 2023-09-23 kl. 11.38.162182×1472 304 KB

Hi @mbh,

The issue is happening because you have 2 redundant Actions that require users to verify their email before logging in.

Specifically, you need to remove the “Require Email Verification” Integration and keep the custom “Add error message to verify e-mail” Action in your Post Login Action flow.

image2098×2160 225 KB

Thanks,
Rueben

Will the code you provided first here, still force the user to verify the e-mail.?

Hi @mbh,

Yes, the code I provided in my initial response will force the user to verify their email before logging in.

I recommend giving it a try and letting me know how it goes.

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.