Problem Statement
Some email clients “pre-click” links in emails to visit them and see if they are malicious. This behavior triggers the email verification flow, and when the actual user clicks the link, they receive an error.
Symptoms
Tickets links being pre-traveled before the actual user can click them
Cause
This happens because a GET
request is made to the ticket URL, and once the ticket is consumed, it’s not possible to retry it when using one-time email verification links. Security software that pre-travels verification links consume the ticket URL before the end-user has a chance to use it.
Steps to Reproduce
Pre-travel the link(Just click it twice to see the error the end-user sees)
Solution
As of July 2022, the behavior described in this post is now the default for all Auth0 tenants, old and new. There should be no need to request this feature be enabled for your tenant. If you are experiencing any unexpected behaviors, please open a support ticket or a new thread here in the Community.