UN-verified email - resend Verification Email via Action

Help
,
1

I’ve seen several posts (with outdated links to documentation, incorrect code, etc…) so Hoping someone can simply provide a working solution of code that can be copied/pasted into an Action, that will be Triggered in Post-Login. Like many others, I want to create an Action for ALL users, regardless of the app, that will simply re-send the user another verification email if they login with an Un-verified email address then I’d lke to redirect them to a HTML page that simply says “You need to Verify your Email - please check your in box”. Personally, I do not understand why this is not just a check-box somewhere. I went to this Artice: Send a Verification Email from a Post-Login Action and that code snippet simply does not work.
This code does a simple re-direct:
exports.onExecutePostLogin = async (event, api) => {
if (!event.user.email_verified) {
// Redirect to a custom page or simply show the message.
api.redirect.sendUserTo(“https:///verify-email”);
}
};

so, help me understand why the code necessary to simply send a verification email. It clearly exists already as in Users > (more Actions “there dots”) there is Send Verification Email. Can that please be shared?

2

Hi,

You can only trigger an email by using an endpoint with an action. I reviewed the script, and it looks correct to me. If it is not working, you can write your own logic to trigger this. I also verified that the above code passes as well. You can use the access.deny method to deny access if the user’s email is not verified.

You mentioned the script is not working, you may missed to set Client ID and secret in Auth0 actions to run the action. Review the code and let me know if you still faced any issues.

4

Hi @mikesATvoitrai

Welcome to the Auth0 Community!

Thank you for posting your question. It’s a great idea to introduce this kind of checkbox in the dashboard in a plug-and-play fashion. I encourage you to open a new thread in the Feedback category with your use case explained. However, you can achieve a similar experience by using Forms with a post-login action to check if the user’s email is verified, render a proper form, and allow or deny access to your application.

In the Forms, you’ll need only a Step with a Text or rich text attribute that tells your users to Verify their email addresses. Within an Action, you’ll check if the user’s email address is verified and, based on that, render a form informing your users to check the inbox. In the onContinuePostLogin, you can conditionally deny access to your application if the user email is still unverified or apply your logic here.

Link to that docs about Forms

Thanks
Dawid

5

ok. made a simple solution in ~50 lines.:
(can someone tell me why this is not in Template For Actions: https://manage.auth0.com/dashboard/us/dev-x6csabfjjyjyfq7u/actions/library/templates) ???

exports.onExecutePostLogin = async (event, api) => {
if (!event.user.email_verified) {
try {

  // Generate the Auth0 API Access Token
  const tokenResponse = await fetch(`https://${event.secrets.AUTH0_DOMAIN}/oauth/token`, {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
    },
    body: JSON.stringify({
      client_id: event.secrets.AUTH0_CLIENT_ID,
      client_secret: event.secrets.AUTH0_CLIENT_SECRET,
      audience: `https://${event.secrets.AUTH0_DOMAIN}/api/v2/`,
      grant_type: "client_credentials",
    }),
  });

  if (!tokenResponse.ok) {
    throw new Error(`Failed to fetch Auth0 API access token: ${tokenResponse.statusText}`);
  }

  const tokenData = await tokenResponse.json();
  const accessToken = tokenData.access_token;


  // Send a verification email
  const response = await fetch(
    `https://${event.secrets.AUTH0_DOMAIN}/api/v2/jobs/verification-email`,
    {
      method: "POST",
      headers: {
        Authorization: `Bearer ${accessToken}`,
        "Content-Type": "application/json",
      },
      body: JSON.stringify({
        user_id: event.user.user_id,
      }),
    }
  );

  if (!response.ok) {
    throw new Error(`Failed to send verification email: ${response.statusText}`);
  }

  console.log("Verification email sent successfully");

  // Redirect the user to the verification page
  api.redirect.sendUserTo("https://www.voitrai.cloud");
} catch (err) {
  console.error("Error sending verification email:", err);
  throw new Error("Failed to send verification email. Please contact support.");
}

}
};

the one oddity is i get a verification email with a From address of the App and then another From the Tenant… odd…

6

Hi @mikesATvoitrai!

Thank you for the update.

The Template for Actions is a library of prebuilt Auth0 Developer solutions that you can adjust to your needs. Your Custom Action sits under Actions->Triggers->Post-Login → Custom, from which you can drag and drop it into your flow.

For the 2nd email coming from the Tenant address, make sure to pass the client_id in the job request inside your action as if you won’t send it, Auth0 will use the global Client ID. → Auth0 Management API v2

Thanks
Dawid

7

ah HA! Thanks Dawid. you’re awesome. simple, clean fixes. I love it. I am always learning. appreciate you.

1 Like
8

You welcome @mikesATvoitrai :tada: I’m glad I could help you!