Skip to main content
Looking for how to invite users to an Organization? Read Invite Organization Members instead.
One way to manage sign-ups for an Auth0 application is with user invitations. In a typical user invitation workflow, an application administrator creates a new user account and then sends an email invitation to a user with an activation link. When the user follows the link, they set a password for the account, and can then log in. A user invitation system can be useful for use cases like restricting sign-ups or creating accounts in bulk.

Implementing user invitations for application sign-up on Auth0

On Auth0, you can implement user invitations using the password change workflow.
  • By styling the Universal Login or Classic Login password reset page to additionally support a user invitation experience, you can use a password change link as an invitation to a new user account.
  • By similarly customizing the password change email template, you can use Auth0’s password change workflow to generate the password change link and send the invitation email using your tenant’s configured SMTP provider.
If you already have an external email solution and don’t want to configure an SMTP provider on your tenant, you can use the Management API to generate the password change ticket and email the ticket link to the user yourself instead of using Auth0’s email template and workflow.
This implementation relies on a user metadata property (named user.app_metadata.needsInvitation in these instructions) which indicates that the user has an outstanding invitation: when it’s true, the user receives the user invitation experience; otherwise, they receive the regular password reset experience.

1. Customize the password change email template

First, customize the password change (link) email template to handle both user invitation and password change workflows. Use Liquid to check whether the user metadata property for an outstanding invitation is set and send the appropriate message. For example: 
{% if user.app_metadata.needsInvitation %}
    // User invitation email content here
{% else %}
    // Password change email content here
{% endif %}
Additionally, append a query parameter to the password reset link in the message body to indicate which experience the user should see on the password reset page. For example, you can append type=invite or type=reset.

2. Style the password reset page

Based on the query parameter you set in the template, style the password reset page to support both user invitation and password change workflows based on the query parameter. For instructions with Universal Login, read Customize Universal Login. For instructions with Classic Login, read Customize Password Reset Page.

3. Create a post-login Action to unset the invitation property

Once the user sets their password and logs in for the first time, they no longer need an invitation and should receive the password change experience in the future. To handle this, create a post-login Action that sets user.app_metadata.needsInvitation to false: 
exports.onExecutePostLogin = async (event, api) => {
    if (event.user.app_metadata.needsInvitation) {
        api.user.setAppMetadata("needsInvitation", false);
    }
};

4. Send user invitations

To send a user invitation, create a new Auth0 database user from the dashboard or the Create a User endpoint in the Management API and:
  • Set the user.email_verified parameter set to false.
  • Set user.app_metadata.needsInvitation to true.
Then, call the Authentication API’s Change password endpoint to send the invitation email to the user.

Learn more

To control where the user is redirected after setting their password: For more information on email configuration, you can read: