My users need to be able to update their email addresses (as is possible in every application). Because typos happen I want them to verify their email address before the email is updated.
I came to Auth0 because I do not want to implement anything security related myself. Having to handle claims of users that bricked their account because of a typo through customer support is unacceptable and having to implement this basic feature of sending out a verification email before using the Management API to update the email kind of defeats the purpose of using Auth0, especially since there’s a very similar flow already that enables users to change their password.
I’ve spent quite some time looking for the answer to this question and it seems that Auth0 has ignored developers on this topic for years now.
I would like to know how Auth0 recommends doing this and why Auth0 has been refusing to implement this flow even though developers have been asking for for this feature for years now. Is there something I’m missing?
Also: Why is there no Action that I can use to trigger a webhook after a user has been updated? This makes implementing this myself much much harder.