Email Verification Required screen (v1) overview

The authRule_verifyEmail screen appears if:

  1. An authorization rule has been implemented that requires a user to have verified their email address before they can log on.

  2. The user has not yet verified their email address.

If the authorization.rules.email_is_verified authorization rule has been enabled:

  1. A user signs in and is authenticated.

  2. Before the user is issued an access token, Hosted Login checks the user profile to see if the email attribute and the emailVerified attribute both have values:

    • If the answer is “yes,” the user is issued an access token and is fully logged on.

    • If the answer is “no,” the authRule_verifyEmail screen is displayed. The user must supply their email address and click Send. An email verification link is then sent to that address. After the email address is verified, the user can return to the site and log on.

    Note that, if the user has supplied an email address but the address hasn’t been verified, that address will appear in the Email Address field.

Authorization rules screen flow

The following graphic shows how the authRule_verifyEmail screen fits into the Authorization Rules flow:

See also