I am currently developing a feature for our project’s web application which restricts user registration only to be accessible when a currently existing user (an admin) sends an invitation with our internal backend. My general idea was:
Admin fill in form to send email for invitation. Email invitation may also include an URL for password change ticket if user account is created before.
The newly created user will be created with Auth0 Management API or the record can be cached temporarily with minimal until the invitee registers on their own and creates their own password.
After successful creation, they will be redirected to the main page. System creates the user on the application’s database.
I have some concerns:
I tried to use this password change API but currently not getting email. I received status 200 and the response said that “We’ve just sent you an email to reset your password.” (may it have to do something with the recent AWS outage?)
How should we apply the right email template? Do we need to modify in the email template in Branding because the password change API is only pertaining to that specific purpose only?
So far, I was referencing from the Guide: Customize → Send Email Invitations for Application Signup, I can’t seem to embed the link in the post here (sorry for any inconvenience).
Thank you for the help in advance. I would be glad to provide more context if needed.
Moreover, for development purpose, how can I set my current local web application server (Next.js 15+) to be running under TLS certificate so it can be set as a universal login URI (This URI needs to point to a route in your application that should redirect to your tenant’s /authorizeendpoint. quoted from the application setting).
I tried to use this password change API but currently not getting email. I received status 200 and the response said that “We’ve just sent you an email to reset your password.” (may it have to do something with the recent AWS outage?)
As long as the the correct client_id , connection and email of the user has been provided, it should send the appropriate change password email to the user. Unless the test email was hosted by a domain which experienced an outage or if the password change emails might be blocked on the providers end, the user should receive them normally.
I would recommend using different test emails, if the issue persists, let me know.
How should we apply the right email template? Do we need to modify in the email template in Branding because the password change API is only pertaining to that specific purpose only?
The email template must indeed be changed within the Auth0 Dashboard under Branding → Emails Templates → Change Password (Link). As mentioned in our documentation, you need to set up an external smtp provider in order to send customized emails, otherwise, a default template will be used.
Otherwise, the use case you have presented above is supported by Auth0 and you should not have further issues in implementing it.
If you have any other questions or issues, let me know!