Verify email with code?

bookdrive.lokd · September 1, 2023, 10:01am

I want when the user’s signup the email_verified : false is returned. But i want the user to recieve a verification OTP on their mail, which they will enter on the auth0 page and then i receives the email_verified = true eveytime when a new user signup. How do I achieve this functionality? I would prefer a detailed process.

suchislife801 · September 1, 2023, 3:44pm

Steps to Implement Email Verification with OTP in Auth0:

1. Auth0 Dashboard Configuration:

Go to Auth0 Dashboard > Rules > Create Rule.
Choose “Email Verification” template.
Modify the rule to send OTP instead of a link.

2. Auth0 Rule Code:

function (user, context, callback) {
  if (user.email_verified) {
    return callback(null, user, context);
  }
  
  // Generate OTP and send via email
  // You can use Auth0's API or third-party services to send OTP
  // Store OTP for later verification
  
  // Redirect user to OTP verification page
  context.redirect = {
    url: "YOUR_OTP_VERIFICATION_PAGE_URL"
  };
  
  return callback(null, user, context);
}

3. OTP Verification Page:

Create a page to input OTP.
Use Auth0.js or Auth0 SDK to verify OTP.

4. Verify OTP:

// Use Auth0 API to verify OTP
// If OTP is valid, set `email_verified` to true

5. Finalize Rule:

After OTP verification, redirect back to the application.
Update email_verified in the user profile.

6. Client-Side:

After successful login, check email_verified in the user’s profile.

7. Server-Side (Optional):

You can also check email_verified server-side for extra security.

8. Done:

Now, email_verified should be true for users who have verified their email via OTP.

This is a high-level overview. Each step can have its own complexities depending on your specific requirements.

cdascal · January 14, 2024, 4:47pm

Hi @ suchislife801
Would you please help with an updated guide ? I believe “rules” are deprecated and no longer available for new tenants. I know it’s a lot to ask, that would save my day

margot · February 27, 2024, 1:14am

Same question as @cdascal - Would appreciate guidance about how to achieve the same via Actions now that rules are being deprecated.

Thoughts @suchislife801 or anyone else?

stephanie.akpakoun · February 27, 2024, 6:21pm

Here is a code example from an Auth0 SA:

github.com

abbaspour/actions-gallery/blob/main/post-login/validate-email/validate-email.js

// noinspection DuplicatedCode

/**
 * Author: Amin Abbaspour
 * Date: 2023-11-22
 * License: MIT (https://github.com/auth0/actions-gallery/blob/main/LICENSE)
 *
 * Generic Action showing how to perform a nested authorisation transaction.
 * With nested transactions can build various functionalities on top of Auth0 UL without any server side or companions apps
 * For example you can use this to validated credentials, change password on next login, etc
 *
 * In this example, we are re-authenticating a social account with credential DB and link them.
 *
 * NOTE: `domain/continue` should be among allowed callback URLs of your client.
 * NOTE: if using NUL, authentication profile should be "Identifier First"
 *
 * @param event https://auth0.com/docs/customize/actions/flows-and-triggers/login-flow/event-object
 * @param api https://auth0.com/docs/customize/actions/flows-and-triggers/login-flow/api-object
 * @returns {Promise<void>}
 *

This file has been truncated. show original

salmanmian54321 · March 9, 2024, 1:18am

Hi @cdascal , Did you find a way to implement verify email with code ? I tried doing so by going in branding → email template → then choosing verification email with code. we also have to enable custom email provider by going in email provider and enabling “use my own email provider” for that.

I tried sending email while testing it from the dashboard in email template section. it worked over there but the same is not working as when signing up user from my app. please let me know if you have figured out a way to implement it.

Thanks

nik.baleca · February 18, 2025, 5:58pm

Hello everyone!

Thank you for posting this question on the community and I am sorry regarding the late reply to your inquiry!

As an alternative solution to sending an email using the email template where an email domain is required you can go to Authentication → Databases → Select your database → Attributes → Email → … ( three dots on the side) → Configure → Select OTP. Make sure that Allow Signups with Email is Required and check Verify Email on Signup.

Let me know if you have any other questions by leaving a reply or posting again on the community!

Kind Regrads,
Nik

system · March 4, 2025, 5:59pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to implement OTP based email verification upon user registration Get Help auth0	2	4556	February 16, 2020
Email verification via OTP Get Help login-experience , new-universal-login-experience	2	243	February 6, 2025
Auth0 emai otp verification Get Help mfa , one-time-password-otp-factor	0	339	February 10, 2024
How to send an email verification (with code) and require it to verify email after signup? Get Help signup , email-verification	4	6574	September 1, 2023
How to configure /dbconnections/signup to send OTP for email verification? Get Help verification-email	8	4144	December 8, 2020