Auth0 Home Blog Docs

Check if email_verified without signing in again.

email_verified

#1

I’m currently using the v8 version of auth0.js
I’m successfully able to find out if the user’s email is verified with this call

function getUserInfo()  {
    var deferred = $q.defer();
    accessToken = localStorage.getItem('accessToken');
    webAuth.client.userInfo(accessToken, function(err, userInfo) {
        if (err) {
            deferred.reject('Can not get user info');
        } else {
            userInfo = userInfo;
            deferred.resolve(userInfo);
        }
});

With this information I’m showing an alert that the user has not verified their email. I make this call with the access token every time they hit the my account page. Even if the user verifies their email the response says that they have not. I’m assuming that is because the access token isn’t aware that has happened in anyway and isn’t updating.

Is there a way I can make a call and it will return email_verified without the user having to log out and back in?


Auth0 returns a stale userInfo
#2

Update@2017-10-31: The situation does not seem to be an issue anymore; see the answer in the linked question below for more information.


Based on the information you provided this seems to be a known issue that was already reported; we are tracking the issue in our backlog, but at this time I can’t provide you with a definitive timeline for when it will be addressed. The previous report is this one: Calling user info endpoint returns stale information for email verified attribute.

In terms of workaround, if you’re able to perform a call to a back-end/API that you own and then from that back-end/API perform a Management API call to retrieve the user information then you should be able to obtain up-to-date information about the email verification state. The reason you should proxy this call through your own back-end/API is that the process to obtain a token to call the Management API is not suitable for browser-based applications.


#3