Email Verified but still shows as email_verified = false

Hi- made a system to verify my user’s emails in order for them to take certain actions on my page.

The email verification gets sent properly, and the users are able to verify their emails, and in the user’s page on my dashboard, the users show that they are properly email verified.

Here’s an example of a user that verified their email (it’s a test user)

{
    "created_at": "2024-03-05T07:44:43.363Z",
    "email": "test@gmail.com",
    "email_verified": true,
    "identities": [
        {
            "connection": "Username-Password-Authentication",
            "provider": "auth0",
            "user_id": "65e6cd6bf78d9534b3d612ca",
            "isSocial": false
        }
    ],
    "name": "test@gmail.com",
    "nickname": "socialgpt001",
    "picture": "https://s.gravatar.com/avatar/122877aa5583b419c685a97f040b55c5?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fso.png",
    "updated_at": "2024-03-12T20:49:46.344Z",
    "user_id": "auth0|65e6cd6bf78d9534b3d612ca",
    "username": "redquill_bot",
    "last_ip": "47.157.41.165",
    "last_login": "2024-03-12T05:16:52.225Z",
    "logins_count": 6,
    "blocked_for": [],
    "guardian_authenticators": [],
    "passkeys": []
}

However when using “@auth0/nextjs-auth0” npm package for my nextjs project, I do a simple:

const { user } = useUser();
console.log("user", user);

and I get the following result

{
    "nickname": "test",
    "name": "test@gmail.com",
    "picture": "https://s.gravatar.com/avatar/122877aa5583b419c685a97f040b55c5?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fso.png",
    "updated_at": "2024-03-12T01:27:15.123Z",
    "email": "socialgpt001@gmail.com",
    "email_verified": false,
    "sub": "auth0|65e6cd6bf78d9534b3d612ca",
    "sid": "QNG_i5CtQUKpqxFi4zqS1piW0UHN5gZP"
}

As you can see, the email_verified field is false, which makes my feature impossible to gate.

Why is there this mismatch? Please help I cannot release a lot of features because of this!

Thanks

Hi @brandonjunus2,

Welcome to the Auth0 Community!

I noticed in your logs that the user has the "email_verified": true and was "updated_at": "2024-03-12T20:49:46.344Z".

However, the user you queried shows the "email_verified": false and was "updated_at": "2024-03-12T01:27:15.123Z".

Based on those details, it seems like the user’s email is verified according to the timestamps.

Is this not the case when you check on the user’s profile on the Auth0 Dashboard?

Hi @ruben.tiow thanks for the reply.

Yesterday, when I checked, I was able to verify the email. When I checked the dashboard, it showed that “email_verified” = true, however, when I checked via the auth0/nextjs library, “email_verified” = false. Most interestingly, when I checked via the raw API (literally made a fetch request to, see Auth0 Management API v2) it returns “email_verified = true”

This morning, when I checked back again, the auth0/nextjs api shows “email_verified” = true.

This leads me to believe there’s something wrong with the actual auth0/nextjs library. Maybe it hits some cache or something that makes it so the correct update is delayed. This is extremely bad for my usecase though, as I want users to verify their email before they can take an action, and they should be able to do it immediately and not have to wait for a full day

Hi @brandonjunus2,

Thank you for your response.

Yes, it seems the authentication state used a cached state. This is likely why the timestamps show that they are not in chronological order.

You will usually want to refetch the profile when this happens so that the authentication state and profile information are up to date with any changes that might have occurred since the last fetch, such as the email verified field.

For example:

const { user } = useUser({ refetch: true });

(Reference: HandleProfile | @auth0/nextjs-auth0)

Please let me know if you have any questions.

Cheers,
Rueben

ahh didn’t know i could do that, i’ll give it a try. thanks

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.