We are sending a POST request to create a new user (create user doc.
We are receiving the verification email although the verify_email field is false, both through postman and programmatically.
To give some context - we want to create a user in Auth0 and later verify his email.
Could you please advise?
By default, a verification email gets sent to every user with the email_verified property set to false.
Moreover, if you plan to create users and send the verification email at a later time, please see this doc to learn more on customizing the email verification flow.
Hi @rueben.tiow
Thanks for the quick reply.
My intention is to create a user with email_verified false and not send the verification email.
According to the API documentation:
“Whether the user will receive a verification email after creation (true) or no email (false). Overrides behavior of email_verified parameter.”
What is the correct way to achieve my intention above?
For this scenario, there is the option to create the user with the verify_email: false property to prevent the verification email from being sent to them.
Then, at a future time, you can create an email verification ticket by calling the Management API Create an email verification ticket endpoint and sending it to the user to verify their email addresses.
Unfortunately, there isn’t an endpoint for SMS verification. Moreover, you can only verify users with their email addresses.
After testing, I did not find the same observations as you. Instead, I could create a new user with the email_verify: false property that prevented the email verification from being sent to them.
Please let me know if you have any further questions
I have tested this with both verify_email set to true and false and managed to get the expected outcomes, namely sending or not sending the verification email.
Hi @rueben.tiow,
I didn’t mention it before but we are creating only users with an email connection and later using the Auth0 passwordless for authentication. So the Username-Password-Authentication connection is not relevant for us.
It means the user does not have a password, and from Auth0 docs it is an optional param: Auth0 Management API v2
but I still get an email when creating a new user (although the verify_email is false).
Can you please help us to figure out how to achieve this with an email connection?
Thank you!
After testing further in a Passwordless Email User scenario, I found that the Verification Email is not supported for Passwordless Email users.
When I created a new Passwordless Email User using "verify_email": false, I did not receive any verification emails. Similarly, I did not receive any verification emails when creating a new Passwordless Email user with the "verify_email" property omitted, with the payload below:
This is consistent with my findings when trying to send a Verification Email using the Management API’s Send an email address verification email endpoint to a Passwordless Email User:
Hi @rueben.tiow, I believe that the mail they are speaking about is not the “verification email”.
I have the same issue, when I create a new user (“connection”: “email”) through API, the new user receive a sign-in email (the same email that a user receive when he tries to login to the application).
Is there a way to prevent the sign-in email to be sent after a user creation through API?
If you have a moment, could you please take a minute to submit a feedback request asking for support to prevent the sign-in email from being sent to a newly created Passwordless user?
I noticed that this “sign-in email” is not sent to a newly created Passwordless user, if the user is created using: “email_verified”: true
So, this “sign-in email” should not be prevented also if the user is created using “verify_email”: false?
I can also confirm that the verification email was still being sent when creating a user with { connection: email, verify_email: false }. I have also disabled the verification email template.
For anyone else trying to figure out how to create a user and prevent the email from being sent, my current hack/solution as to set { connection: email, email_verified: true } when creating the user and then immediately updating the user with { email_verified: false } in order to prevent the initial verification email from being sent. I then send a magic link with a separate request.