How to trigger user.email.verified webhook when user clicks the link in their email

travis.milum

Is it possible to fire the user.email.verified webhook when the user clicks the set password link in their email?

Scenario is

1. User account and registration are created via api. Application is configured to require email verifications, the api request uses sendSetPasswordEmail = true, and skipRegistrationVerification = true
2. They receive an email to set their password
3. User clicks the link and is shown the password change view
   -- at this point since the user clicked the link I'd like to be able to confirm that the email is valid
4. User enters new password
5. user.email.verified webhook sent.

akira

Hi @travis-milum, thanks for writing in!

I'm curious what version of FusionAuth are you using? That may help clear some of this up.

Please let me know, thank you!

Akira

travis.milum

We just updated recently.

travis.milum

Any followup on this one?

joshua

@travis-milum

Thanks for the information! I was able to get this to work.

A couple of pointers

1. Enable the user.email.verified webhook only on the tenant level (unless you know why you are setting it on the application level). This configuration is tricky if setting on the application level and likely is not needed.
2. skipRegistrationVerification = true should be set to skipRegistrationVerification = false
   See our documentation for the reason why
   https://fusionauth.io/docs/v1/tech/apis/registrations/#create-a-user-and-registration-combined

sendSetPasswordEmail [Boolean] OPTIONAL Defaults to false
If true, FusionAuth will send the User an email asking them to set their password. The Email Template that is used is the one specified in the setPasswordEmailTemplateId configured in the Application, or, if that is not configured, the same field in the Tenant.
When you set this value to true, any provided password field is ignored. FusionAuth will set the initial password to a securely generated random string.
If you have also enabled email verification and do not skip verification with the skipVerification parameter, only the setup password email will be sent to the user. Setting up the password using the email sent during this user create operation will verify the User’s email if it is not already verified.
If the SMTP email configuration is not complete, or disabled, this value is ignored.

3. Confirm that your webhook works by testing it as well under settings > webhooks > test button > choose event and test each one as needed

Following these steps, the webhook will fire once the user updates their password after clicking on the email link instructing them to
set a password.

Let us know if you have any questions or difficulty in getting this to work.

Thanks,
Josh

joshua

webhook only on the tenant level

See related post for additional information

https://fusionauth.io/community/forum/topic/1181/webhook-not-working-on-user-delete/4?_=1630508237897