How to send an email verification (with code) and require it to verify email after signup?

Let’s assume scenario (email-passoword authentication , no socials)

  1. On the first screen, the user signs in and in the background receives a verification email (with a verification code, something like a passwordless login)
  2. On the next screen, the user has to enter the verification code from this email
  3. Entering the correct code set email_verified = true and triggers a success callback to the application

If the user does not enter the code at point 2 and returns to log in again, after entering the login& password, the screen from point 2 will be shown to him - please enter the code

To implement such a scenario, it is enough to change the rules, email templates and Customize Login Page or does it require writing your own application using Auth0 SDK :(?

The assumption is to isolate the applications (many applications) from the account creation logic (the application does not need to know if the user has correctly passed the account verification procedure - it is sure that if he logged in and returned, he has a confirmed account). Mayby another advise how to achieve this (even with magic link)

did you solve this? I’d also be interested to implement such a flow, and frankly expected this to be one click away in the Auth0 settings. Google searches brought me here :D.


1 Like

Hi Lena
Unfortunately, we had to handle the unverified email on the application side. The only thing that helped us on the Auth0 side, the “Force email verification” rule. The application detects unverified emails and displays the appropriate message without sharing the data.

1 Like

Thanks for sharing that with the rest of community!