Automatic configuration of the Auth0 Login Page and Email Templates

automate-login-page-email-templates.md

Customzing the Password Reset Page

Go to the API v2 explorer and generate a token with update:tenant_settings. Then call the tenants endpoint with the new HTML:

PATCH https://{YOUR_DOMAIN}/api/v2/tenants/settings

{
  "change_password": {
    "enabled": true,
    "html": "<!DOCTYPE html>\n<html>\n<head>\n  ..."
  }
}

Customizing the Login Page

Go to the API v2 explorer and generate a token with read:clients and update:clients. Then click on API Key/Secret to figure out what your Global Client ID is (API Key).

Then you should call the following endpoint with the token: GET https://{YOUR_DOMAIN}/api/v2/clients/{YOUR_GLOBAL_CLIENT_ID}

{
  ...
  "custom_login_page": "<!DOCTYPE h...",
  ...
  "custom_login_page_on": false
}

In order to activate and update the custom login page you need to call the following endpoint PATCH https://{YOUR_DOMAIN}/api/v2/clients/{YOUR_GLOBAL_CLIENT_ID} with this payload:

{
  "custom_login_page": "<!DOCTYPE html>\n<html>\n  <h...",
  "custom_login_page_on": true
}

Customizing Email Templates

These endpoints are still using API v1.

Email types:

• verify_email
• welcome_email
• reset_email
• blocked_account

Getting a Token

Go to https://{YOUR_AUTH0_CLUSTER}/docs/api/management/v2 and click the API Key/Secret link to get your Global Client ID and Secret.

Then you can call the following endpoint to get an API v1 token:

var request = require("request");

var options = {
  method: 'POST',
  url: 'https://{YOUR_DOMAIN}/oauth/token',
  headers: {
    'cache-control': 'no-cache',
    'content-type': 'application/json'
  },
  body: {
    grant_type: 'client_credentials',
    client_id: '{GLOBAL_CLIENT_ID}',
    client_secret: '{GLOBAL_CLIENT_SECRET}'
  },
  json: true
};

request(options, function(error, response, body) {
  if (error) throw new Error(error);

  console.log(body.access_token);
});

Get an Email Template

Call GET https://{YOUR_DOMAIN}/api/emails/{TEMPLATE_TYPE} which returns:

{
  "template": "verify_email",
  "tenant": "sandrino-dev-eu",
  "from": "",
  "subject": "Welcome here!",
  "resultUrl": "http://jwt.io",
  "body": "<html>\n...",
  "disabled": false,
  "urlLifetimeInSeconds": 432000,
  "syntax": "liquid"
}

This will return 404 if the template has not been configured.

Create an Email Template

To create an email template you can call POST https://{YOUR_DOMAIN}/api/emails/ with the following payload:

{
  "template": "verify_email",
  "tenant": "sandrino-dev-eu",
  "from": "",
  "subject": "Welcome here!",
  "resultUrl": "http://jwt.io",
  "body": "<html>\n  ...",
  "disabled": false,
  "urlLifetimeInSeconds": 432000,
  "syntax": "liquid"
}

Update an Email Template

To update an email template you can call PUT https://{YOUR_DOMAIN}/api/emails/{TEMPLATE_TYPE} with the following payload:

{
  "tenant": "sandrino-dev-eu",
  "from": "",
  "subject": "Welcome here!",
  "resultUrl": "http://jwt.io",
  "body": "<html>\n  <head>...",
  "disabled": false,
  "urlLifetimeInSeconds": 432000,
  "syntax": "liquid"
}

Note, you can set disabled: true to disable an email.

The 'GET' works: hence I'll assume the template is there, so a PUT is what I need to do.
The 'PUT' replies with a mongodb error, my payload seems correct: '$set' is empty. You must specify a field like so: {$set: {<field>: ...}}
The 'POST' (just to test) replied with: 'Email template must have a value'. Which doesn't tell me much.

The payload constructed for PUT & POST was based on the output of the 'GET'.

There's now a new email type that can go under Customizing Email Templates for Password Breach Alert:

• stolen_credentials

supported email templates

reset_email
welcome_email
enrollment_email
stolen_credentials
verify_email
blocked_account