API to resend code during open registration?


#1

Hi,

I’m currently implementing a registration form in my app using the following json post in /user/register

{
  "email": "myemail@mydomain.com"
}

It works fine and I receive an email with a confirmation code. I can also confirm using the following json post in /user/register.

{
“email”: "myemail@mydomain.com",
“code”: “somecode”,
“new_password”: “somepassword”
“first_name”: "myfirstname,
“last_name”: “mylastname”
}

However, in cases wherein for example, the email did not get through, is there an API to resend the code?

Thanks.


#2

Can anyone help me with this?


#3

Still need help with this.


#5

After a user has successfully registered, regardless of whether they get the email or not, the user is created in the system. An admin can then login to the Admin console, select the User tab, and select the user from the list. There you will see a “Send Invite” button that will resend the invite.

There was a bug in this area earlier in the 2.0 beta, so make sure you have the latest load.


#6

Hi,

Yes, they are registered regardless however, if they have not confirmed by clicking the link from the email and entering the code, they won’t be able to login.

And since they have registered using this email, they won’t be able to re-register using it again.

EDIT: I’ve thought about using the POST email but where do I get the code that was generated for a specific email address? And how do I include it in the mail body?


#7

Both true. Only an admin can re-initiate the “Sent Invite” email, and only an admin can delete the user to allow another user to register with the same email. But I can think of several ways that an admin or an app with admin-level permissions could make this re-sending process easy.

Is your hangup on needing an admin or admin-level-permissioned app in order to accomplish this? Or do you just need help on how to make the right API calls?


#8

Is it possible to do this without admin intervention? I’m looking to do something similar to web applications that provides user the option to resend activation email. A user can register and then receives an email for the activation link. If no email was received, the web app gives the user the option to resend email.


#9

That’s what I thought. No, there is no way to do this without admin privilege. It requires a call to /api/v2/system/user.

I can think of at least three ways to do it with admin privilege, though.


#10

I see. Just in case, how do I do this using /api/v2/system/user?


#11

Here are just a few thoughts that came to me.

An admin-privileged app could get a list of all unconfirmed users pretty easily. Just call

GET /api/v2/system/user?filter=is_active%3Dfalse&fields=id%2Ccreated_date%2Cemail%2Cconfirm_code

This will return an array of unconfirmed users with all the information I could think of needing. (You could add to the &fields= list as needed.) For example:

{
  "resource": [
    {
      "id": 3,
      "created_date": "2014-01-17 19:34:05",
      "email": "drdre@hotmail.com",
      "confirm_code": "blahblahblah"
    },
    {
      "id": 27,
      "created_date": "2015-03-04 00:54:36",
      "email": "rowsdower@compuserve.com",
      "confirm_code": "yaarpyaarpyaarp"
    },
    {
      "id": 43,
      "created_date": "2015-10-15 09:04:24",
      "email": "rivertam@gmail.com",
      "confirm_code": "blerghblerghblergh"
    }
  ]
}

Now you could do several things with this information: remove all unconfirmed users, remove all unconfirmed users with a created_date over 30 days ago, send a reminder email with confirmation code to all users with created_date over 60 days ago, etc.

You could make date calculations within the app and then send DELETE /api/v2/system/user?ids=29%2C37%2C59 where the list of ids is made of just those that match your desired age calculation. Or, you could make the API do the work and only GET users with created_date more than 30 days ago. Like this:

GET /api/v2/system/user?filter=is_active%3Dfalse%20and%20created_date%3Ctimestampadd(day%2C-30%2Cnow())&fields=id%2Ccreated_date%2Cemail%2Cconfirm_code

The above would return you only the two unconfirmed users from above that are more than 30 days old:

{
  "resource": [
    {
      "id": 3,
      "created_date": "2014-01-17 19:34:05",
      "email": "drdre@hotmail.com",
      "confirm_code": "blahblahblah"
    },
    {
      "id": 27,
      "created_date": "2015-03-04 00:54:36",
      "email": "rowsdower@compuserve.com",
      "confirm_code": "yaarpyaarpyaarp"
    }
  ]
}

Now if you take the harsh approach I mentioned above, you could just DELETE /api/v2/system/user?ids=3%2C27 and expect them to re-register themselves with the same email. But perhaps you’d rather send them a new confirmation email, like what happens when an admin goes back into the admin console and clicks “Send Invite” again. I captured the API call from the “Send Invite” button using my browser console, and it’s just as simple as this:

PATCH /api/v2/system/user/3?send_invite=true

So to send invites for more than one user, say, all of the ids returned from the most recent GET query above, you would

PATCH /api/v2/system/user?send_invite=true

with a payload of {"resource":[ {"id": 3},{"id": 27}]}. The API will return the ids for which the PATCH was successful. The sent invitations will adhere to whatever email template you have selected for invitations, which ought to already have their confirmation code included.

The last method I came up with was that your admin-privileged app could also initiate a different email entirely. You’ve already retrieved the users’ emails and confirm_codes, so you could just POST to /api/v2/emailservice whatever email you’d like (such as one with a subject line of “You haven’t yet confirmed your membership!” or something like that).


#12

Thanks. Will try to see if I can use this approach.