Problem statement
After reviewing the documentation for application signup through email invitations, it is still unclear how to accomplish this. The objective is to have an admin create a user and that user receives an email to set their password which allows them access to a given application.
Is there another step-by-step approach to accomplish this use case?
Solution
The following recipe can be used to send a password reset email after an admin creates a user:
-
Invite a user by creating a new user using the Management API Create a user endpoint, with
email_verifiedset tofalseand a randomly generated password. This password will not be communicated to anyone and will never be used. -
Trigger an interactive password reset flow described in Authentication API), which means sending a request to the Authentication API Create A Password (Change Password) endpoint.
-
Auth0 will then send the
Change Password email template. -
The template can be adapted. The Change Password email template can be edited under Branding > Email Templates in your tenant. Select Change Password from the dropdown and edit both the subject and the body, so it will be an invitation email if the user email is not yet verified and a normal password change email if that has been verified. The subject, for example, is:
{% if user.email_verified %}Change password for{% else %}Welcome to{% endif %} {{ friendly_name }}
-
If the user clicks the link in the email, the Password change page will be shown. This page could be customized as well. This example only customizes the text to make sense for setting the password for the first time after an invitation and resetting the password if the user had triggered the password reset flow themselves.
-
Once the user has set the password, Auth0 will automatically set the
email_verifiedproperty of the user totrueand this invitation workflow can be considered done.