@olaj we could create a new Rule using the Force email verification template, and customize it to add logic for automatically sending email verification on a login attempt from a user with an unverified email address:
function (user, context, callback) {
if (!user.email_verified) {
// Combine with a call to our Management API, to trigger an email verification:
// https://auth0.com/docs/api/management/v2#!/Jobs/post_verification_email
// To avoid multiple email verification emails to be triggered in a short amount of time,
// use user.app_metadata to store the last time you sent the email verification,
// and don't automatically send a new one until a few minutes later
return callback(new UnauthorizedError('Please verify your email before logging in.'));
} else {
return callback(null, user, context);
}
}
Would this work for you?