Hello,
Is it possible to have e-mail verification when signing up with passwords and using the pre-built UI?
It seems strange that I can sign up with an e-mail address that never gets verified …
I’m new to Stytch, so I may have overlooked something obvious. But I couldn’t find an answer to my question in the docs.
Thanks
Gerd
Hey Gerd – thanks for posting!
We don’t have an email verification feature built into our pre-built UI component, but I’d be happy to raise that internally as a feature request.
That said, we generally recommend prompting users to verify their email address either right before or right after they create a password during your signup flow. You can do so either by sending them an Email OTP or Email Magic Link using our JavaScript SDK’s headless methods.
Note that for security purposes, the user will need to both create a password and complete email verification on the same device, during the same Stytch Session. Otherwise, they’ll be required to reset their password in order to prevent an account takeover vulnerability.
I’d recommend checking out our Email verification guides for some additional information. The guides are catered towards backend Stytch integrations, but the same general principles apply. The main difference is that you will not need to worry about including the user’s Stytch session token in any of your requests, as our frontend JavaScript SDK will do that for you automatically.
Happy to help with any additional questions you have about this!
Thanks!
Verification in UI-components built-in would be great !