About

Email verification is turned off by default. It is strongly encouraged to enable it to ensure the authenticity of your users. When your users sign up with third party providers, SuperTokens make sure that the email they are using is verified. If it's not the case, SuperTokens will render the email verification page and send a verification email to make sure that your user's address is correct.

When the email was already verified by the third party provider, then this step is ignored.

Here is how to turn on email verification from your front end application:

// in your frontend code

SuperTokens.init({
    appInfo: {...},
    recipeList: [
        ThirdPartyEmailPassword.init({
            emailVerificationFeature: {
                mode: "REQUIRED"
            }
        }),
        Session.init()
    ]
});

When a new user sign up with an unverified email, they will receive an email to verify their address and be redirected to the following screen:

After they have clicked on the email, they will see this screen:

Doing operations post email verification

We have defined a callback in the backend SDK which will be called after a successful email verification. You can define the callback for tasks like analytics, sending a user a welcome email, notifying an internal dashboard etc..


SuperTokens.init({
    appInfo: {...},
    recipeList: [
        ThirdPartyEmailPassword.init({
            emailVerificationFeature: {
                handlePostEmailVerification: (user) => {
                    let {id, email} = user;
                    // this is called when this user verifies their email.
                }
            }
        }),

        Session.init()
    ]
});
Note that if you are already using SuperTokens in production and turn on email verification, your users will be redirected to the email verification screen next time they use your application.
Embed in a pageCustomising the email sent