
Is there any way to invite users to the application?



I want something like: ‘Admin sends an invitation mail to a person and if the person accepts the invitation, he gets added as a user’.


Yes, Auth0 has the Invite-only Applications feature, as you can see here:


Thanks, @paulimar.angulo, for your reply. I’m already aware of this invite-only application, but I’m looking for something as simple as the dashboard admin invite feature of Auth0.


@prakharkumar79 Can you please describe the exact flow you are looking for?


Thanks, @paulimar.angulo, for showing interest and responding. With the help of this wonderful community, I’ve figured out a way to achieve this feature.


@prakharkumar79 - can you share what you did in the end?


In order to implement the User Invite flow I did the following:

  1. Used Auth0 Management API’s Create User endpoint to create a user by using the email id entered by the admin and a random password generated using an npm package.

  2. Customized the ‘Change Password’ email template to give it a look and feel of an invitation email.

  3. Customized the Auth0 Hosted Password Reset Page to align it with the UI of the application.

  4. Used Auth0 Authentication API’s Change Password endpoint to send the invitation email.

  5. The invited user can reset the password using the link provided in the invitation email.

  6. Redirected the user to the login page. Now the user can log in to the application.
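
Steps 1 and 4 of the flow described in the post above, sketched as an added example that is not part of the original thread and is not Auth0's own code. It uses Node's built-in CSPRNG in place of an npm package for the throwaway password and builds the two requests without sending them; the tenant domain, client ID, management token and connection name are values the caller supplies.

```javascript
// Added example: builds the Create User and Change Password requests (steps 1 and 4).
const crypto = require('crypto');

// Character classes most database-connection password policies ask for.
const CLASSES = [
  'abcdefghijklmnopqrstuvwxyz',
  'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
  '0123456789',
  '!@#$%^&*',
];

// Throwaway password from the OS CSPRNG; crypto.randomInt avoids modulo bias.
function randomPassword(length = 32) {
  if (length < CLASSES.length) throw new RangeError('length too short');
  const pick = (set) => set[crypto.randomInt(set.length)];
  const all = CLASSES.join('');
  const chars = CLASSES.map(pick); // one character from every class
  while (chars.length < length) chars.push(pick(all));
  // Fisher-Yates shuffle so the guaranteed characters are not at fixed positions.
  for (let i = chars.length - 1; i > 0; i--) {
    const j = crypto.randomInt(i + 1);
    [chars[i], chars[j]] = [chars[j], chars[i]];
  }
  return chars.join('');
}

// Returns the requests in the order they must be sent. The password exists only
// inside the first body: do not log it, store it, or put it in the email.
function buildInviteRequests({ domain, clientId, mgmtToken, connection, email }) {
  if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) throw new Error('invalid email');
  const base = `https://${domain}`;
  return [
    { // Step 1: Management API, Create User
      method: 'POST',
      url: `${base}/api/v2/users`,
      headers: { authorization: `Bearer ${mgmtToken}`, 'content-type': 'application/json' },
      // verify_email: false keeps a separate verification mail from going out.
      body: { connection, email, password: randomPassword(), verify_email: false },
    },
    { // Step 4: Authentication API, Change Password (sends the customized email)
      method: 'POST',
      url: `${base}/dbconnections/change_password`,
      headers: { 'content-type': 'application/json' },
      body: { client_id: clientId, email, connection },
    },
  ];
}
```

Until the invitee completes the reset, the account is protected only by this random password, which is why it should come from a CSPRNG and never be reused or retained.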


Thanks @prakharkumar79, that sounds a lot simpler than the invite-only applications flow. I’ll give it a go…the only problem I can see is ensuring that the password reset email still sounds enough like a password reset email when people do actually want to reset their passwords…
Thanks again


In that case you have to use some other template, like the verification email template, instead of the change password template. But then you have to do some extra work. First, you have to generate a reset password link by using the Create a Password Change Ticket endpoint and store this link in the created user’s app_metadata. Second, you have to use Liquid syntax in the verification email template to access the link stored in the user’s app_metadata ( like this- {{}} ).


I used this method and it was successful at first, but now we’re seeing how features are lost by using the system differently than intended. For example, adding custom fields at signup ( can’t happen with this workflow. It would be great if the version of invitation-only signups we are discussing here could be given full support by Auth0.


Agreed @ethan. I still haven’t quite firmed up how I’m going to do this and note that the tutorial linked to by @paulimar.angulo seems to have changed recently. That seems to be a very sensible workflow for invite-only applications but what I am looking for (and which I think must be a very common scenario) is one allowing normal sign-up (and which therefore has all the ‘normal’ Auth0 features) but which also allows users to invite other users to join by adding them to some sort of group within the application. I’ll try to remember to post back here if I get it working.


I find that invite-only tutorial odd. What I take to be the standard invitation-only scenario is one where a permitted user submits one or more email addresses, the owners of which receive an invitation email with a short-lived but fully self-authorizing link to create a new user account. That’s it.


@paulimar.angulo this is about an invite workflow, not “invite only” - the difference is the word “only”. The invite-only workflow is clearly tailored to internal use only as users are sent email verification and password reset links straight off the bat - which would be super weird if you just got them out of the blue having no knowledge of what you’ve been signed up to.


I’ve done something similar, where users apply and are then approved, using a passwordless login flow.

  1. The user fills in a signup form which adds them to Auth0 via the API.
  2. When approved, our code sets an approved flag and triggers a one-time passwordless email via the API.
  3. The user follows the link, and is then automatically logged in to the app. Before they’re activated, they can’t log in as a rule checks the approved flag.