I’m working with a WordPress site using WooCommerce and the Auth0 AddOn.
When a user makes a purchase before registration, WooCommerce creates a user account via email, followed by a password setup email.
However, when synchronizing with Auth0, an additional “email verification” email is being sent, which is redundant in this scenario.
What’s the most straightforward way to prevent this verification email specifically for this use case, without globally disabling verification emails?
I use the following code snippet in wordpress:
function bq_woocommerce_created_customer( $customer_id, $new_customer_data ) {
$a0_options = WP_Auth0_Options::Instance();
$payload = [
'client_id' => $a0_options->get( 'client_id' ),
'email' => $new_customer_data['user_email'],
'password' => 'sjdfsjdhjk12321AAAjsdfsfhk' . $new_customer_data['user_pass'], // Placeholder that is later changed, but it has to meet minimum password requirements.
'connection' => 'Username-Password-Authentication',
//'email_verified' => true, - tried this option
//'verify_email' => false, - tried this option as well
];
$new_auth0_user = WP_Auth0_Api_Client::signup_user( $a0_options->get( 'domain' ), $payload ); //Verification email is sent after this is complete
if ( $new_auth0_user ) {
$new_auth0_user->sub = 'auth0|' . $new_auth0_user->_id;
unset( $new_auth0_user->_id );
$user_repo = new WP_Auth0_UsersRepo( $a0_options );
$user_repo->update_auth0_object( $customer_id, $new_auth0_user );
// Log success
error_log( 'Woo -> Auth0: New user sent to Auth0: ' . $new_customer_data['user_email'] );
} else {
// Log an error if user creation fails
error_log( 'Woo -> Auth0: Failed to create user in Auth0 for email: ' . $new_customer_data['user_email'] );
}
}
add_action( 'woocommerce_created_customer', 'bq_woocommerce_created_customer', 10, 2 );
As a possible solution for the issue that you are facing regarding redundancy, I would advise to set up Auth0 as IdP for your WordPress site in order to send the user who registers a password reset prompt from our side as per this Knowledge Article. This way, you will force the users to “reset their password” when they register and only send a verification email. However, the user will be stored only on Auth0’s side and you will need to sync the users with WordPress if you wish to have them stored on both platforms.
Otherwise, without disabling the Verification with Link email template, you will not be able to prevent the emails from being sent. I believe for your use case, it is not a bad approach since you actually send an email to the user to create their password and another one to verify their email address upon registration.
If you have any additional questions regarding the matter, feel free to leave a reply on the post.
Now that I know there’s no simple way to achieve this, I’ll leave it as is for now, with the extra verification email being sent.
However, for the future, if I revisit this, I have a question regarding the Auth0 password reset email: Is it possible to (again, as simply as possible) configure the email so that if it’s being sent to a user setting their password for the first time, the text is slightly different compared to a regular password reset email?
Another thought I had during testing was to disable the email verification template and instead send a custom email via a post-user registration action. This way, I could have control over who receives the email and who gets verified automatically. While I managed to send the email successfully, I got stuck on how to retrieve the appropriate verification link.
For your first question regarding customizing the sign up password reset request email, I believe without changing the template that will not be possible.
As advised above in regards to the provided knowledge article, you can follow the Auth0 Forms approach since that way you will prompt new users to change the password via the form which you will be able to customize accordingly. That way, you will not send an email to the users and also be able to customize the password creation flow for them.
For your second questions, it is great o hear that you managed to send an email via Actions, for you to be able to send a verification link alongside it, you can review our documentation about Sending a Email Verification Ticket. This way you will be able to generate a verification link and add it to the email you are trying to send.
Additionally, you can follow the same approach for changing the passwords since in that documentation you have the option to generate a change password ticket as well.
If you have any additional questions, feel free to let me know!