"PUT api/user/verify-email?email={email}&sendVerifyEmail=true" returns the empty body

Ssong · 6 Oct 2020, 17:43

Hi, I tried with workaround solution to set to email verified via API calls and I searched relevant questions and solutions but couldn't find right one.

So, I've registered a user via /api/user/registration/ successfully and the email for verification is sent.

"registration": {
       "insertInstant": 1602003962113,
       "lastLoginInstant": 1602003962115,
       "lastUpdateInstant": 1602003962113,
       "usernameStatus": "ACTIVE",
       "verified": true
   },
"user": {
       "active": true,
       "verified": false
   }

Secondly, I tried to get the email verification ID via API call to get resent verificationId - PUT /api/user/verify-email?email={{loginEmail}}&sendVerifyRegistrationEmail=true however, it returns the empty response and the email for verification isn't sent from this call.

Can you give some tips to get verificatioId from API call?

Thanks,

dan · 6 Oct 2020, 22:00

I believe the correct path is to call

PUT /api/user/verify-registration?applicationId={applicationId}&email={email}&sendVerifyRegistrationEmail=false

That will return the verificationId in the response.

More here: https://fusionauth.io/docs/v1/tech/apis/registrations#resend-a-user-registration-verification-email

Ssong · 6 Oct 2020, 23:00

@dan Thanks for your reply.
As you suggested, I've tried PUT /api/user/verify-registration?applicationId={applicationId}&email={email}&sendVerifyRegistrationEmail=true

It returns same an empty body and it doesn't send the email, either.

dan · 7 Oct 2020, 23:43

Hiya,

So here's what I did.

I made sure that email verification was enabled at the tenant level. "Tenants -> Your Tenant -> Email -> Email Verification Settings".

Then I ran the following curl scripts (where API_KEY is a valid FusionAuth API key) to mark the email of a user verified.

# create the user
curl -XPOST -H'Content-type:application/json' -H "Authorization: $API_KEY" 'http://localhost:9011/api/user' -d '{"user" : { "email" : "testverify4@example.com" , "password" :"password", "verified" : false }}'

# ask for a new verification id, but don't send the email--assume you send the email in some other way.
curl -XPUT -H "Authorization: $API_KEY" 'http://localhost:9011/api/user/verify-email?email=testverify4@example.com&sendVerifyEmail=false'

# This sends back:
# {"verificationId":"nBm3HvfI1fAgilLk2Hj06gXeYuidhRM25tPECtbpqMM"}

# GET the user to make sure they still have email verified of false
curl -XGET -H "Authorization: $API_KEY" 'http://localhost:9011/api/user/552bdd9a-2655-433c-a91d-7002e730b385'

# post to verify the user's email address
curl -XPOST -H "Authorization: $API_KEY" 'http://localhost:9011/api/user/verify-email/nBm3HvfI1fAgilLk2Hj06gXeYuidhRM25tPECtbpqMM'

# GET the user to verify that the email address has been marked verified.
curl -XGET -H "Authorization: $API_KEY" 'http://localhost:9011/api/user/552bdd9a-2655-433c-a91d-7002e730b385'

Does this flow help?

Also, remember that there is registration email verification and user email verification, and the APIs are different. I believe, from what you wrote, that you are trying to get user email verification (that's the APIs you are using, except that the first post talks about verifying a registration); please correct me if I'm wrong.