Testing emails using the auth0 web dashboard. I send test emails and it says: “Email was successfully sent” but it LIES. Emails are not sent.
I am guessing this is hooking into the same code that the rest of the site uses where the success of the sent email is effectively a secret. If so it would be nice if the dashboard had a piece of text that explains this somehow and encourages the admin to double check the log.
For reference I found out the issue, my SMTP provider was rejecting the request (as seen in the auth0 logs) and the reason was I was trying to send it as a different “from” than the name of the account (which my SMTP provider rejected).
I just wanted to point out I wasted a fair bit of time before concluding that auth0 hadn’t successfully sent the mail which led me to check the logs. I trusted you guys :(. (j/k, I still love you).
This is a “security through obscurity” feature. The point is to not leak information about valid email addresses, though its actual value is questionable. Another poster pointed out the login / signup forms will leak this information anyway.
Right, my point being that I’m an admin in the dashboard. I can just delete and recreate accounts at will.
I mean sure, I guess in some odd scenario where you have multiple admins in a dashboard and some admins shouldn’t be able to see certain databases it might make sense. However this is literally me testing some Email template customisation changes (using the Try button) and the dashboard telling me that “Email was successfully sent”.
I would suggest we add some text to the dashboard near the “Try” button in customisation pointing out that it might be lying and to check the logs.