Verify email in auth callback after sign up

nkramer · July 13, 2023, 7:09am

Hi,

I would like to verify the user’s email in the auth callback, after they’ve signed up.
This is valid because we have sent the user a link to sign-up via the email address that we have on file for them in our system.
(and since they have the token in the link, we know that they had to have access to the email we have for them on file in our system, so it makes sense for us to consider it verified, and save the user the hassle)

In order for this plan to work, I will need to either:

suppress the verification email so it isn’t redundantly sent to them
modify the verification email template to be more of a welcome email if they’ve already been verified (but this all depends on the timing of when the email is sent, I can’t find any documentation describing when it is sent relative to the pre/post registration and pre/post login flows)

Therefore my questions are:

Can I suppress the email for sign ups programmatically?
When is the email sent relative to the available actions?

I have looked at using the /verification-email job to send the email programmatically, but it looks like I can’t turn off the automatic send while using that. Customize Email Handling

dan.woda · July 14, 2023, 4:21pm

Hi @nkramer,

Welcome to the Auth0 Community!

You can disable the template, which should prevent the email from being sent. What do you mean suppress it programmatically?

I’m a bit confused by this question. Are you asking when is the email sent in the Auth0 Actions Pipeline?

nkramer · July 18, 2023, 11:45pm

Hi Dan!

Thank you so much for taking the time to respond to my question.

You can disable the template, which should prevent the email from being sent.

My concern with disabling the template was that it seemed to prevent the email-verification job from working (which was the way I was hoping to send the email in a custom action).

What do you mean suppress it programmatically?

I basically meant, do I have an API in the auth actions that allows me to suppress it, or is it too late at that point.

Essentially, imagine I’m wanting to move the automatic send into a more explicit form in the actions, one that I can make conditional so that I can suppress it myself.
Is that possible with the default verification template or do I have to involve sendgrid?

Are you asking when is the email sent in the Auth0 Actions Pipeline?

Yes, exactly!

nkramer · July 19, 2023, 2:38am

Just a follow up,

In our case we’re using a custom DB connection.

We’re going to explore using our DB scripts to set email_verified to true if our token from the email matches, which could work for our use-case. I’d still be curious and very grateful if you have any thoughts on the above.

I will update here if we manage to find a solution.

dan.woda · July 19, 2023, 2:08pm

Currently, disabling the template disables the email entirely, even from the email-verification job endpoint.

Another option would be to generate email verification tickets and handle them with your own email provider.

system · August 14, 2023, 3:47pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.