Welcome Email -> Password Change

I was looking at this thread where it suggested that we could commandeer the ‘forgot password’ functionality of the Management API to send a user an email that welcomes them and prompts them to change their password:

My question is how can we retain the functionality of the ‘forgot password’ endpoint? It would be strange for my current users to receive a welcome email template prompting them to change their passwords as if they’re new users.

Thanks in advance.

Hi @mhouse , welcome to the community!

There are two main approaches here:
A.) modifying your Change Password email template to make sense in both a password reset and a new user context, so regardless of how the email was triggered, it won’t be confusing for the end user.
E.g. something like: “Please use this link to reset your password, if you are creating a new account, please use the link to set up your password”

B.) Using the Management API to generate a password reset ticket ( this ticket is the URL that is generated in the normal change password email for you normally ), which could be sent with a completely bespoke email outside of Auth0 to the user as your sign up invitation email.
This would typically require you to make a custom script/app that could fetch a Management API token, request a password reset ticket for the relevant user, then call your email provider’s API to send a “sign up” email with the ticket URL appended.

This allows you to separate the “out of the box” forgot password functionality (and email template) from your sign up flow.

On a related note, the newly added Organisations feature also allows for a built-in invite flow too, with its own email template:

I hope that has helped!

Thank you for the welcome and reply sgo.

I presented to my team the first option you suggested and that’s what we’re going with for the time being.
I am also working to develop an Amazon SES solution using a custom form hosted by our application and will likely use the management client’s API to change their password.
On that same topic, I wanted to mention real quick that it appears Auth0’s documentation for the management client is down and I wasn’t able to find another copy:

Thank you,

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.