Sending Email Invitations For Application Signup

brady · February 4, 2021, 5:29am

Hi Auth0 Community!

I’m trying to implement Send Email Invitations for Application Signup, but am confused on a few things.

For context; I am allowing Admin users to create new users using the Management API, using the new user’s email and setting a random password, with the email_verified flag set to false.

I’ve read the docs linked about 42.5 times, and still cannot seem to understand where to go from there. When the user is created, right now, an email is automatically sent for them to verify their email. I think it makes sense, however, what I really need is for them to set their password (and thus verify their email).

I know that I can create a password reset ticket with the management api, but obviously this can’t be done until the user is created in the database, which, upon creation, is automatically sending email-verification emails. I’d rather not have to send two emails as it would get confusing for users.

Reading the docs led me to believe that I would be able to configure this verification email to be a password reset email instead i.e. from the first three ‘steps’ listed on the page:

User receives an email inviting them to register.

User follows a link to the Set Up Password page.

User creates and verifies a password.

I’m not seeing anything else on that page that mentions emails besides customizing the template to outline the process going forward.

So I guess I’m just not able to read between the lines here. Is there a hook or rule I should be setting up? Am I missing something in my email templates? Should my automatic Email-Verification template be turned off? (I didn’t turn this on in the first place, which is part of the reason why I figured this template could be re-configured to have the user set their password)

Any help is greatly appreciated.

stephanie.chamblee · February 4, 2021, 6:18pm

Hello @brady!

You can accomplish this with a Post User Registration Hook and customizing the Password Change email template.

In the email template section of your dashboard, disable the “Welcome Email” template and the “Email Verification” template by turning off the “Status” toggle. Make sure that “Change Password” is enabled.
Go to Hooks and scroll down to “Post User Registration” and click “Create new hook”
Use the following code to send a password reset email whenever a user is manually created for your tenant:

module.exports = function (user, context, cb) {
  var auth0 = require('auth0@2.32.0');
  var authClient = new auth0.AuthenticationClient({
    domain: 'example-connections.us.auth0.com',
    clientId: 'YOUR_APP_CLIENT_ID',
    clientSecret: 'YOUR_APP_CLIENT_SECRET',
  });

  var userAndConnection = {
    email: user.email,
    connection: 'Username-Password-Authentication',
    connection_id: context.connection.id,
  };

  authClient.requestChangePasswordEmail(userAndConnection, function(err){
    cb(null, user, context);
  });
};

Now when a user is created using the Management API an email will be sent inviting them to change their password.

You will then need to update the email template to make it look more like a welcome email than a change password email. Here are docs on customizing email templates: Customize Email Templates

Related topic: Authenticate and prompt user password change with a single email

brady · February 5, 2021, 2:19am

Thank you so much @stephanie.chamblee ! this is exactly what I needed.

stephanie.chamblee · February 5, 2021, 12:22pm

Great to hear! Let us know if you have any other questions.

system · February 20, 2021, 12:23pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.