Skip to content

Password authentication is missing email_verification_id in unverified email exception #309

Open
@chan-vince

Description

@chan-vince

The AuthorizationException exception raised when trying to sign in with an unverified email is missing key information to be able to do custom verification of the user.

  1. Ensure password authentication is enabled.
  2. Invite a new user so they are in an organization, but do not have a verified email address yet.
  3. Call the authenticate_with_password() API. It will return an AuthorizationException and I was expecting to be able to get the email_verification_id from it, in order to use get_email_verification() to retrieve the code and do our own custom emails. However email_verification_id is missing from the exception.

When doing the equivalent of authenticate_with_password() with the REST API via curl, it does actually return email_verification_id:

➜ curl --request POST \
  --url https://api.workos.com/user_management/authenticate \
  --header "Content-Type: application/json" \
  -d @- <<BODY
  {
    "client_id": "client_123456789",
    "client_secret": "sk_test_somelongchars",
    "grant_type": "password",
    "email": "[email protected]",
    "password": "mypassword"
}
BODY
{"code":"email_verification_required","message":"Email ownership must be verified before authentication.","email":"[email protected]","pending_authentication_token":"GODRifg8dOiqJzuNrxp7y0nLP","email_verification_id":"email_verification_01J45GMD0K8XJE48Z3QNKBRWTB"}

Am I mistaken for expecting the python sdk to match the curl response, or am I missing something?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions