Users Forced to Login after Email Verification

Overview

After the user’s email_verified status is refreshed, the user is logged out. This article explains whether the email verification process can be completed without logging the user out.

Applies To

  • Email Verification
  • User Verification

Solution

This behavior is by design. Generally, an Auth0 session is cleared by redirecting users to the /logout endpoint. However, if the Update a User endpoint is called to reset user attributes (passing the values email, email_verified, phone_number, and password), auth0.checkSession does not renew the session, and the user must log in again. This is explained here.

The engineering team can help enable a flag in the tenant to skip this behavior. Please reach out to the support team to get this flag enabled.
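While the default behavior is in place, the application can treat a failed silent renewal as a signal to send the user back through login. The sketch below is an added example, not Auth0's code or part of the original article; it assumes an auth0.js WebAuth instance is passed in, and `handleVerifiedEmail`, `makeStubWebAuth` and the `outcome` strings are hypothetical names.

```javascript
// Added example. Assumes `webAuth` is an auth0.js WebAuth instance.
// OIDC errors meaning silent renewal needs user interaction.
const INTERACTION_ERRORS = ['login_required', 'consent_required', 'interaction_required'];

// Hypothetical helper: call once the user returns from the verification link.
function handleVerifiedEmail(webAuth, options, done) {
  webAuth.checkSession(options, (err, authResult) => {
    if (!err) {
      // Session survived: the renewed ID token can be inspected for email_verified.
      return done(null, { outcome: 'renewed', authResult });
    }
    if (INTERACTION_ERRORS.includes(err.error)) {
      // Session was cleared (for example by the Update a User call), so
      // checkSession cannot renew it: send the user through login again.
      webAuth.authorize(options);
      return done(null, { outcome: 'reauthenticate', reason: err.error });
    }
    // Timeouts, network failures, misconfiguration: let the caller decide.
    return done(err);
  });
}

// Constructed stand-in for WebAuth so the example runs offline.
function makeStubWebAuth(checkSessionError) {
  const stub = {
    authorizeCalls: 0,
    checkSession(_options, cb) {
      if (checkSessionError) return cb(checkSessionError);
      return cb(null, { idTokenPayload: { email_verified: true } }); // constructed payload
    },
    authorize() { stub.authorizeCalls += 1; },
  };
  return stub;
}

// Demo with the constructed stub: the session was cleared by the attribute update.
const demo = makeStubWebAuth({ error: 'login_required' });
handleVerifiedEmail(demo, { scope: 'openid email' }, (err, result) => {
  console.log(err || result.outcome, 'authorize calls:', demo.authorizeCalls);
});
```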
