Should I add a button in the template which both makes an API call to accept the invitation and calls the endpoint to send a reset-password email?
Another way would be to create a action which is called when a user is called to call the reset-password email endpoint, is there some way I can add information to that endpoint which adds query-parameters to the reset-password page?
Let me clarify that the Send Email Invitations for Application Signup documentation describes using only one flow to send email invitations for application sign-up. Specifically, you will need to customize a change password email template to be repurposed as an invitation. Then you will have to call the Management API’s Create a password change ticket endpoint to generate a change password ticket, which you will need to take and send to the user.
In essence, you will need to follow these steps:
Administrator creates a user account.
Administrator sends a registration email invitation to the user.
User follows a link in the invitation email to set up a password for the account.
User creates and verifies a password.
User signs in.
Just to circle back, you will not need to add a button to your email template, but rather, generate the email ticket and send it to the user.
For Step 2. you will need to use the Auth0 Management API Create a Password Change Ticket endpoint, and then send the password change ticket URL in an email to the user. When the user clicks the link, they will be prompted to reset their password through the Universal Login flow.
Then to pass in additional query parameters, you can specify them after the # symbol in the change password ticket URL.
For example, if the Change password URL looks something like the following:
Finally, let me add that calling https://{yourDomain}/dbconnections/change_password? does not allow you to include additional query parameters. Therefore, you will need to use the Management API to create a change password ticket to add the query parameters in the URL.
If you require additional query parameters, calling the /api/v2/tickets/password-change endpoint will let you append them to the ticket URL. Then you can send that email using an external mail service to send it to the user.
The easier option, which you have mentioned, is to call the /dbconnections/change_password? endpoint instead. If you choose this option, Auth0 will handle sending the email for you. But you won’t be able to pass additional query parameters. One workaround to this may be to leverage user_metadata or app_metadata.