#POST Users Rest API

Hi All,

When you call POST /users to create a new user

Does directus give you an option to send an email to the user to verify the account before the account becomes active ?

If not, what is the recommended method to achieve this ?

Many thanks,
Alex

You can create a flow to send the email

should be something like this:

1. Someone tries post user
2. You create it with the status "invited"
3. You create a flow that puts a activation code on the user and also sends an email
4. You create another flow (or extension endpoint) to receive the code and update the user to active

This would be my approach:

1. Extend directus users schema with another field, named something like, "Link token", this is for generating a token, which would be part of the verification link. (This is required so that links are random and unique)
2. Create an extension endpoint which to which you send the new user, (instead of /users). And from here create a new inactive user, based on the input, and also generate a long sha256 string, and put it in the link to send as email, and also in the "link token" field of the user.
3. Another extenion endpoint route in the same file, like /verify?token="<token>", (this is what you have passed to the user via email), and from this endpoint, verify the user, match the tokens, and set the user to active, and send another email saying your account is now active.

if i might add something, a redirect towards the frontend in 3.
also, i tried to keep it as non technical as possible 🙂

Yes.
A better fully non technical approach would be:

A single flow that on user create:

• generates a random big password and stores it as the user’s password
• and sends email to that user with the generated password

This way there is no verification required from our side, as the only way they can log in is if they have the password, which they can only have if their email was a proper email. 😊 Self verified!

Much more simpler solution.

True but you will need to ask the user to change his password

Yes, that can be sent along with the email, the instructions.

true, would be a clean way for signups

unless you have alot of signups thus creating too many mails

so some transaction mailer has to come in

This can also be done in another fashion.

That is not to directly create a user, but rather create a Signups collection, and create a new record in here, for the new email.
Now using a cron-triggered flow, read a few and create users with a random password and send the email. This way you can implement a queue. But this way if there are a lot of signups then users will get their email late.

True

Good use of flows above. There is an endpoint for inviting users:
https://docs.directus.io/reference/system/users.html#invite-a-new-user

Thank you very much for everyones help 🙂

Welcome.

I have created a flow , created a trigger on users.create and an action is set to send email, I also updated the user schema and added a custom field called registration_verification_token that is a UDID that gets auto created on create.. the problem is the Flow object, does not give me access to the custom registration_verification_token field.. I am not sure how can I access it from the Flow Object... I have tried these variables.... {{$trigger}} {{$accountability}} {{$last}} none of them give me access to the registration_verification_token... any suggestions at all ?

many thanks

You will have to do a read data

I am sorry, can you please explain

I will have to write a custom script for the flow you mean ? so I can't do it just inside the flows ?

I understood 🙂 ...

I found the read data option in the work flows