I am trying to register a user from management api v2. ie api/v2/users. Sign up form is hosted in my application.
API is creating a user in auth0 and sending the verification email to user(which I enabled).
But after the verification I want to send user to directly in logged in state. Which will be possible if I will have access_token in the url.
But the url only contains these fields :
Is there a way I can append access_token to url in the email template, so I ll have user verified in my app.
It is not possible to achieve that from within the verification email template as there’s no way to include an access token or any other token in the URL that is called after verification.
If you want to treat the end-user as authenticated you should be doing so immediately after signup. For example:
- User signups and immediately logins into the application (at this time the email is unverified and you can include that information in the issued tokens)
- The client application receives the tokens and detects that email verification has not yet been completed so it denies access to the rest of the application and just instructs the end-user to complete the email verification.
- The redirect URL of the verification email template when accessed triggers a re-authentication that can be done without user interaction as long as the initial authentication created a session in your Auth0 tenant/domain.
- The client application receives new tokens and this time the tokens can reflect that the email was already verified so it lets the user access the rest of the application.