I set up an Auth0 connection database, configured as a custom database with automatic migration turned on. Working great in general. I also successfully set up a rule to force email verification, needed for new signing up users and old users with unverified emails.
Of course, all migrated users are forced to verify their email address; but my biz requirement is that’s should happen just for the users who haven’t verified their email yet, it’s annoying forcing it for old users with already verified emails.
I have a source field for that on the legacy DB, but I’m not sure how I can migrate the user including the verified_email state. My current scripts for the custom database returns these values:
Your Custom Database scripts can do anything you’d like, at all. This means that you should be able to edit them in order to pull the value in there as well and to set that boolean within the Auth0 User Profile. I think that you want to set the email_verified value.
Thanks for the answer @joseantonio.rey. AFAIK that operation shouldn’t be done in GetUser script or Login script because both can be called before the profile actually gets created on the Auth0 side. In what script should I include that operation?
I actually suggest that you put it in both of them. In the Login script, because that’s when the Auth0 profile is built/updated, and in the Get User script for some other more edge-case scenarios (for example, when a user changes their password but doesn’t log in).
Maybe I understand some things the wrong way. Sorry to insist but just to be sure, I configure the legacy DB on automatic migration, the documented workflow implies the Login script is called only once for each user.
Notice the step “Store the user … in Auth0 database” is after asking legacy login.
Notice the question “Is the user in Auth0?” doesn’t go to ask Login second time.
I am very sorry - I missed the part where you mentioned you had importing on!
So, you could amend this with the scenarios that I mentioned for new users. However, for all of your existing users, there is no way to embed this within your Custom DB Login Scripts.
What I recommend that you do here is that you get a list of users you have already imported, correlate it with your database, and use the Management API v2 to patch those. Otherwise, you can delete the users from Auth0. Once they log in again, they will get imported from your legacy datastore again, with the correct value (considering that you have previously amended your scripts).
Oh, but don’t worry about actually existing users, I’m just running all this on a staging environment, running all the scenarios over an over.
The point is when the script executes the account doesn’t exists on Auth0 yet, so the Management API won’t work. Due to the workflow, when the account gets created then the scripts didn’t execute.
What if I create an “Enrich profile” kind of Rule or Hook?
@nils Then, as I previously mentioned, you just need to edit your Login script to get that property as well, and set it to the email_verified key. Just like your script creates a profile that has user_id, email, and other stuff, you just need to add a line to include email_verified in the profile, and populate it with the correct data from your legacy datastore. The data you add to the profile when importing is totally up to you.
Great! that helps. I’ll try it right away. Honestly, I already tried a bit, but only added the field to the GetUser script and not to the Login script, and didn’t work.
Also, I couldn’t find precise documentation about it, so, didn’t know for that field if I should returns true or "true" in the JSON.
I confirm it’s working now. The field email_verified should be returned on both “GetUser” and “Login” scripts as a boolean on the JSON passed to the callback function.