We need to create users within our application, so we are using the management API to create them.
The users are created as such:
var request = new UserCreateRequest
{
Connection = ConnectionName,
Email = email,
VerifyEmail = false,
EmailVerified = false,
FullName = $"{firstName} {lastName}".Trim(),
NickName = firstName ?? lastName,
FirstName = firstName,
LastName = lastName,
Password = RandomHelper.RandomPassword(30, 40),
};
var user = await Connection.Users.CreateAsync(request);
Then immediately after we send a password reset to the new user:
var request = new PasswordChangeTicketRequest
{
UserId = remoteId,
Ttl = _auth0ApiConfiguration.EmailVerificationExpiryInDays * 24 * 60 * 60,
ResultUrl = $"{ApplicationRootUrl}/auth/login?fromSignIn=true"
};
var passwordTicket = await Connection.Tickets.CreatePasswordChangeTicketAsync(request);
var request = new EmailVerificationTicketRequest
{
UserId = user.UserId,
Ttl = _auth0ApiConfiguration.EmailVerificationExpiryInDays * 24 * 60 * 60,
ResultUrl = passwordTicket.Value,
};
var verificationTicket = await Connection.Tickets.CreateEmailVerificationTicketAsync(request);
var url = verificationTicket.Value;
SendVerificationEmail(email, url);
When the user clicks on the link in the email, their email is verified and they are taken to the password reset screen. This is good.
However, after they change their password, nothing happens. This is very confusing to the user. Should they not be take to the URL passed in the ResultUrl? It did when we were using the classic login, but since changing to the Universal login this no longer works.
I set the login URI for the tenant, which works kind of… It gives the user a button that says ‘Back to All applications’ which will take the user to the login URL. I know I can customize the text of this button. It isn’t ideal, as it isn’t very dynamic.
Is there a better way to do this?