On Dashboard → Branding → Email Templates one can select the following Template: ‘User Invitation’, saying the following: ‘This email will be sent whenever a user is invited to an organization or application.’’
My question is: how can I trigger the sending of such an email?
Sending a POST Reqeust to https://{{domain}}/dbconnections/change_password#type=invite
This will send a normal Password Reset Email to the user and is not what I want: I want the User Invitation email to be sent.
Sending a POST request to https://{domain}/api/v2/tickets/password-change#type=invite
This will also not send an email, it will just return a URL.
So to repeat my question: how can I trigger the sending of a User Invitation email? Preferably by using a Management API endpoint.
Thank you all for your help and have a good weekend!
David
Thanks for the quick reply. At the email template is says:
I do not wish to use the organisation features of Auth0. But according to the email template sentence mentioned above, it should be possible to also invite people to an application.
But after your answer, I now assume, this Invitation Email sent by Auth is only available in the context of Organisations? And that inviting users without an organisation is only possible by sending an invitation email manually yourself? Could you confirm my assumption is correct?
And if so, may I propose to rename the ‘User invitation’ email template to the name you used above, being ‘Organisation invitation’? That would be a more appropriate name and directly clarify the usecase for that template.
But I don’t get it yet…it says ‘With Auth0, there are two common approaches to implementing user invitations’, being (1) ‘Customize an email template’ and (2) ‘Create a password change ticket’? But customizing an email template doesn’t make sense to me, if I need to send the email then myself using an external mail program?
For (1), ‘Customize an email template’ involves using the Management API’s Update an email template endpoint to repurpose the language in your welcome email as an email invitation.
@rueben.tiow, can you please provide one clarification:- that customization of a password change template which is described in the article Send Email Invitations for Application Signup, how will it be used, if we need to send the link to the user through our own email service provider?
Will you be able to elaborate on this topic? Thank you.
Just for documentation purposes, I’ll quickly outline how I solved sending user invitation emails without using the organisation features.
The premisses for this solution:
Users are not allowed to sign up them selves, they can only obtain an account by invitation.
User / passwords are stored in a database.
The invitation workflow then looks like:
Invite a user by creating a new user using the Management API https://auth0.com/docs/api/management/v2#!/Users/post_users endpoint, with email_verified set to false and a randomly generated password. This password will not be communicated to anyone and will never be used.
Trigger an interactive password reset flow as described here (Change Users' Passwords), which means we send a request to the Authentication API Create a password endpoint.
Auth0 will then send the Change Password email template. We adapted that template, both the subject and the body, in such a way that it will be an invitation email if the user email is not yet verified, and a normal password change email if that has been verified. The subject for example is: {% if user.email_verified %}Change password for{% else %}Welcome to{% endif %} {{ friendly_name }}
If the user clicks the link in the email, the Password change page will be shown. One could customize that page as well, but we just customized the texts, such that they will both make sense for setting the password for the first time after an invitation as for resetting the password if the user had triggered the password reset flow him/herself.
One the password has been set by the user, Auth0 will automatically set the email_verified property of the user to true and this invitation workflow can be considered done.
As far a I’ve understood it there are two kind of invitations: organisation invitations and non-organisation invitations.
Organisation invitations
One can use the workflow described here, which will let Auth0 send an email using this User invitation email template.
Non-organisation invitations
For Auth0, there is no such thing as invitations outside the context of an organisation. So we will be hacking around the ‘reset password’ functionality to achieve something like an invitation. And we have two options then: sending the invitation email yourself or let Auth0 send the invitation email
Sending the invitation email yourself
This is described here: Send Email Invitations for Application Signup. What imho is wrong and confusing in that description is the section Create email template. There is no such thing as an email template here, because you will be sending the email yourself.
Great @derwald , thank you for your recipe, especially the part about the email template adjustment. Now it totally makes sense, how to deal with this task.
A bit of clarification for that article on invitations will definitely help those folks coming after us.
Hi @derwald,
Sorry to interfere in this post but I am trying to set up the user invitation email and I came across this very useful post that you made (I think the documentation on this topic is way too generic).
Your post is very clear and I am using it as a base to generate my user import/creation workflow. One thing confuses me: you base your email template to set the password on the “email_verified” set to “false”, but when I test just your point 1, my newly created test user receives a “Verify your email” email, which I obviously don’t want as the user will receive from point 2 the password reset (in this case the first time password creation). Do I need to disable it by passing or setting something?