Can password reset also serve to verify a user's email address?

Joe_Tillotson · January 26, 2018, 5:11am

Hey Auth0 community, variations on this question have been asked before, but I don’t see any that are exactly this:

“It would be very convenient if a password reset could also act as an email verification. Can this be accomplished now? (pretty sure not), and if not, can it be added as an Auth0 feature?”

Today a user can sign up (with an email account), not yet verify the email of their new email-based account, then successfully reset their password, still having “email_verified=false” in their profile. Arguably they cannot have reset their password without having (in effect) verified their email address.

In our system we prevent people from ‘logging in’ until they have verified their email, so in our case a user can reset their password, and then 5 seconds later (try to) log in, only to see an error message telling them to please verify their account.

James.Morrison · December 14, 2018, 6:15pm

As it has been more than a few months since this topic was opened, and there has been no reply or further information provided as to the existence of the issue, we are closing this topic. Please don’t hesitate to create a new topic if this issue is still present, we would be happy to work with you to help find a resolution.

Topic		Replies	Views
Prevent password reset verifying email address Help password-reset , verify-email	2	3872	September 2, 2019
User's email_verified Flag to be Set to True once the User Reset their Password Knowledge Articles password-reset , email-verified	1	380	March 22, 2024
Password Reset, Help login-experience , reset-password-prompt-new-experience	2	291	March 29, 2024
New User Verification and Password Reset Help	2	2340	December 22, 2022
Want help with user verification mail Help login-experience , reset-password-prompt-new-experience	3	297	March 7, 2024

Can password reset also serve to verify a user's email address?

Related Topics