Username Password connection, organization & signup

I have a usecase where I create an organization on auth0, Organization has social connections and username & password connection enabled.

  • I enable membership on signup. I control who is allowed to login using custom postlogin action.
  • I want to invite foo@bar.com to an organization, invitation email should contain first time password setup link. User clicks on that and then only they are able to create password and using this credential they can now login to the organization they are part of.

How do I setup this flow in auth0?

To be precise, I want to invite foo@bar.com to an organization using username/password connection. In current setup when I invite the member, they get an invitation email address but they are prompted to login without knowing their password.

Hi @jmj,

Have you looked at our Send Email Invitations for Application Signup documentation? Does this differ in some way from the flow you describe here?

Thanks @dan.wonda - I will try it out and update here.

1 Like

Hi @dan.woda I tried this approach. there is one issue in this approach.

I am using custom email provider and customized HTML for password reset page - after reset of password there is no auto redirect or button to navigate. I am using app_id in reset_password management API call and I have default login url configured in my application.

Similar issue as mentioned Password Reset Redirect not working - #17 by joby

To be specific

  • I used management v2 api to create password reset ticket (link). I specified user_id, client_id, ttl_sec, mark_email_as_verified parameters in request.
  • I customized the link and added url fragment to it.
  • On universal login, I customized password reset page to respect the url fragment and render different text on password reset page.
  • I have configured the default tenant login page and the application default login page for the client_id supplied on step 1.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.