Send a Verification Email from a Post-Login Action

Problem statement

Are there any suggestions available on how an Action could trigger a verification email if the user has not yet verified their email?

In some cases, users will forget to check their email inbox to verify their email. There does not appear to be a very straightforward way of resending these verification emails. When reviewing this older Community post about making a Management API call from an Action, it is still unclear how to implement this or if the directions are outdated.

Solution

NOTE: This is one potential solution and may need to be modified on a case by case basis. Always test any new Actions or integrations thoroughly in a lower environment before moving to production.

Ensure that the clientId and clientSecret variables in the Action come from a Machine-to-Machine (M2M) application such as the ‘API Explorer Application’ which is available on all tenants. More on adding Action secrets can be found here. This application will get a token from the Auth0 Management API required for the email verification job to work in the Action.

exports.onExecutePostLogin = async (event, api) => {
  const ManagementClient = require('auth0').ManagementClient;
  const management = new ManagementClient({
    domain: event.secrets.domain,
    clientId: event.secrets.clientId,
    clientSecret: event.secrets.clientSecret
  });

  const verified = event.user.email_verified;

  // I am slicing off the 'auth0|' prefix of the user_id here
  const userIdWithoutAuth0 = event.user.user_id.slice(6);

  const params = {
    client_id: event.client.client_id,
    user_id: event.user.user_id,
    identity: {
      // Passing the corrected user_id here
      user_id: userIdWithoutAuth0,
      provider: 'auth0'
    }
  };

  if (!verified) {
    management.jobs.verifyEmail(params, function (err) {
      if (err) {
        console.log(err)
      }
    });
  }
};

Further reference to the available methods for the ManagementClient can be found here.