Can I use classic universal login and password reset ticket?


I’m trying to implement auth0’s user onboarding flow similar to what’s described here.

My use case is the “Invite” only is similar to that post where there is no sign up page and I invite users to our applications. The accepted answer mentions about generating a password change/reset ticket and needing to use non-auth0 emails. This implies that the email templates must be disabled.

My question is, do I need to turn off the universal classic login lock UI that auth0 provides to implement this?

I’m trying to figure out the scope of how big the changes need to be for the implementation. I don’t want to rebuild login UIs, if I don’t have to. :slight_smile:


Hi @mohammadz,

You can continue to use the Classic Universal Login Experience for this flow! In your Universal Login template (from your dashboard, Branding > Universal Login > Login tab), if you are using Lock, you can make sure that the signup option will not be displayed by using the allowSingup setting.

You can either create a password-change ticket, or you can use the Management API to send a password change email instead. You can customize this email to look like a welcome email by configuring an email provider (Branding > Email Provider) and customizing the “Change Password” template (Branding > Email Templates). You will need to disable the welcome and verification email for this flow which you can do from the Email Templates settings.

In this topic, I break down the steps for invite-only flow:

Also, here is a guide from our documentation that covers an invite-only flow:

1 Like

Hi @stephanie.chamblee thanks for the info. I was able to set this up using the link you provided.

This is great but I have another question regarding customizing the “Change Password” template.

Is it possible to make some parts of the message body dynamic for the email?

I don’t know if the capability of switching between multiple template styles is available to me. The reason for this is that the “invite-only” user should have a more welcoming message in body. “Forget your password?” email template should be the standard message that’s already there.

Once you set up an email provider, you can use liquid syntax to customize the template and add logic. You can conditionally render like so:

{% if user.user_metadata.lang == 'en' %} [email body in English] {% elsif user.user_metadata.lang == 'de' %} [email body in German] {% endif %}

You could create the user with a flag stored in their app_metadata that indicates whether they should receive a welcome message or not (for example, user.app_metadata.welcomeSent). The email template could look for this flag to conditionally render the welcome message in the change password email. You could then add a rule that updates the value of user.app_metadata.welcomeSent to true so that if they request a password change on subsequent logins they will not see the welcome message:

function(user, context, callback){
  user.app_metadata = user.app_metadata || {};
  user.app_metadata.welcomeSent = true;
  callback(null, user, context);

Here are some articles with more information about customizing email templates and using rules to update metadata:

Hi I tried all of this out and it works. I changed the solution to match the original question.
Thanks for the information.

1 Like

Thanks for the update @mohammadz! Glad to hear it is working for you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.