We currently have several registration & reset password flows that prior to Auth0 once a user verified their email or reset their password we would simply auto login (without them re-entering their credentials. As a side note: We’re currently leveraging your signup API for most of our users that register on our existing website so we can maintain a consistent experience on our website.
We also have a batch API that our channel partners bulk register users with. As we don’t have the user’s password we force a reset password flow for these users (for reset password we’re using the Auth0 hosted widget).
We’re trying to avoid users needing to re-authenticate after something like password reset or email verification on registration. Are there any approaches you can recommend. I can share a link to a sequence diagram if that’s helpful.