Hi,
There are a lot of topics about this issue but neither covers my story totally. The most similar is this one: Session Invalid After Updating Email
So what I’d like to do here:
- User clicks on ‘change email’
- User verifies their password in a popup
- User sets a new email address in the same popup
- Backend sends verification code in the background to the new email address
- Users copies the code to the same popup we used before and submits it
- Backend checks the verification code and updates email address via auth0 management API
(There’s also another workflow for the case when the user needs to finish the process at a later time. For this case, there’s a substitute link too in the verification email and we verify the email address on a designated page. The problem is the same.)
At this point, the user is logged out the moment they refresh the page (just like mentioned in the topic above). Is there any way to keep the user logged in with the new email address?