User email verification


As per one my requirements, I need to register new users and have they email verified before enables the sign in feature. The application flow should be the following:

  1. The user provides the username/email and password and clicks in the registration button.
  2. The system should register it with non-verified email status and send a verification email.
  3. The user should click on the link and has the email verified.
  4. The user must be redirected to the application homepage.

Currently, I am able to create the user by the following API:

Then I call the following API to active it and send the email verification link:{{userId}}/lifecycle/activate

After that, the user receives the verification email and also its status has changed from Staged to Active

The problem that I am facing is that even if the user does not click on the verification link, it is possible to execute the sign in using the following API call:

Is there a way to disable the user sign in until it verifies the email?

Can someone please guide me on the right path or letting me know what I am doing wrong here.

Thanks in advance.


I think this feature announced at Oktane 19 will solve it:

Do you have a solution to vmachad9 requirements?

The progressive profiling in OIE should solve

Can you elaborate on how and what the process is?