Can I re-send email verification notification to linked account?

Get Help
,
1

Currently, I used facebook to login. but it doesnt return any email by default. So what i did was to just create username-password authentication and linked to facebook.but when im trying to resend email verification, it says user not found. So my question is, Can I really resend email to linked account?

BTW was able to receive initial email verification on that email after creating. but resend doesnt work:

try {

  const domain = await this.parameterService.get(Config.AUTH0_DOMAIN);

  const clientSecret = await this.parameterService.get(

    Config.AUTH0_CLIENT_SECRET

  );

  const clientId = await this.parameterService.get(Config.AUTH0_CLIENT_ID);

  const audience = await this.getAudience();

  const management = await this.getAuth0Management();

  const { data: user } = await management.users.get({ id: authId });

  const dbIdentity = user.identities?.find((i) => i.provider === 'auth0');

  // Get Management API token with update:users scope

  const tokenResponse = await fetch(\`https://${domain}/oauth/token\`, {

    method: 'POST',

    headers: { 'Content-Type': 'application/json' },

    body: JSON.stringify({

      client_id: clientId,

      client_secret: clientSecret,

      audience: audience,

      grant_type: 'client_credentials',

      scope: 'update:users',

    }),

  });

  if (!tokenResponse.ok) {

    throw new Error('Failed to get Auth0 management token');

  }

  const tokenData = await tokenResponse.json();

  const accessToken = tokenData.access_token;

  // Create email verification job

  const jobResponse = await fetch(\`${audience}jobs/verification-email\`, {

    method: 'POST',

    headers: {

      Authorization: \`Bearer ${accessToken}\`,

      'Content-Type': 'application/json',

      Accept: 'application/json',

    },

    body: JSON.stringify({

      user_id: \`${dbIdentity.provider}|${dbIdentity.user_id}\`,

      client_id: clientId,

    }),

  });

  if (!jobResponse.ok) {

    const errorData = await jobResponse.json();

    throw new Error(

      \`Auth0 API error: ${errorData.message || 'Unknown error'}\`

    );

  }

} catch (err) {

  throw new BadRequestException(

    \`Failed to resend email verification: ${(err as Error).message}\`

  );

}

the dbIdentity has this sample output:

{
profileData: { email: ā€˜test+601@example.comā€™, email_verified: false },
connection: ā€˜Username-Password-Authenticationā€™,
user_id: ā€˜68f738efde12526d11f1f441ā€™,
provider: ā€˜auth0ā€™,
isSocial: false
}

2

Hi @teodor.andrei can you help me

4

Hi @onshout_dev!

Yes, you can absolutely resend a verification email to a linked account.

The ā€œuser not foundā€ error youā€™re seeing is likely because the user_id being sent to the verification job is pointing to the secondary (linked) identity, which is no longer a top-level user after being linked. You should send the user_id of the primary account instead.

Can you please try this in your verification request?

user_id: authId

instead of user_id: `${dbIdentity.provider}|${dbIdentity.user_id}`,

Let me know if it still doesnā€™t work, and Iā€™ll look further into it.

Kind regards,
Teodor.

5

but my original authId is the facebook. and my facebook doesnt have any emails, will it still work? @teodor.andrei

i dont think it will, it will just say no email on this profile something like that

6

Hi again @onshout_dev !

Now that they are linked, the user from facebook should have the email of the Username-Password connection, I believe.

Have you tried and it failed?

7

I just tried again and it failed , as expected on my previous chat, hereā€™s the full error: `BadRequestException: Failed to resend email verification: Auth0 API error: The user does not have an email`

@teodor.andrei

8

Ah I see, @onshout_dev .

The primary profile doesnā€™t have the email at the root level, so I think you will have to add a request to PATCH the email to the root level email of the new profile resulting from linking before sending the verification.

9

Hi @teodor.andrei ,

Iā€™ve already tried it yesterday

this only works if the primary identity is a DB (Username-Password-Authentication) account. If the primary is a social identity (e.g., Facebook), you CANNOT PATCH the email. Auth0 will reject the update because social identity emails are managed by the provider.

10

Ok then @onshout_dev, Iā€™ll look more into it and get back to you as soon as possible.

Thank you for your patience!
Teodor.

1 Like
11

thanks, will wait for your feedback

12

Hi again @onshout_dev !

Can you please give this a try?

const jobResponse = await fetch(\`${audience}jobs/verification-email\`, {
    method: 'POST',
    headers: {
      Authorization: \`Bearer ${accessToken}\`,
      'Content-Type': 'application/json',
      Accept: 'application/json',
    },
    body: JSON.stringify({
      user_id: authId,
      client_id: clientId,
      identity: {
        provider: dbIdentity.provider,
        user_id: dbIdentity.user_id
      }
    }),
  });

Kind regards,
Teodor.