How can I accomplish this lifecycle?

pkatta · October 20, 2018, 2:53pm

I have combed through all the documents and cannot figure out how to implement exactly what I need. I need to create a user via an API. The user needs to have email id, password, and last 4 digits of the SSN, and a unique code. The user also needs to have a time to live (like two weeks).

After successful creation of the user account I want to send an email to the user with a link to a login/authentication screen.

When the user clicks on the link, we will present a screen that requires the user to enter emailid, password, and last 4 digits of SSN.

If successful, auth0 needs to forward to a specific url with the unique id that was stored in the created user.

What is the best way to accomplish this?

npatel · October 22, 2018, 10:44am

When user is created you have their email address, last 4 digit of SSN
Create a auth0 user with random password and trigger password reset email
On successful password change, redirect to login page and prompt them for SSN verification as custom MFA service flow

Something with Send Email Invitations for Application Signup & https://auth0.com/docs/multifactor-authentication/custom#use-a-custom-mfa-service

For time to live - You can create a rule like rules/check-last-password-reset.js at master · auth0/rules · GitHub but instead check for user.created_at > 2 week raise Error

konrad.sopala · August 27, 2019, 1:42pm

Hey there!

Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.

Wanted to reach out to know if you still require further assistance?