Duplicate email verification emails being sent, and forgot password 401

  • Hi all,

    I am having some odd issues with fusionauth and emails being sent. I am using a lot of the services headlessly and making calls to fusionauth server through the c# client package.

    I first noticed I was getting duplicate email verification emails sent. Every time I registered, I would always get two. I went to sendgrid and verified that it was indeed getting two api calls. I am calling it like such

    RegistrationRequest regReq = new RegistrationRequest();
                    UserRegistration userReg = new UserRegistration() { applicationId = new Guid(_authSettings.ApplicationId) };
                    User regUser = new User() { email = model.Email, password = model.Password, username = model.Email };
                    regReq.registration = userReg;
                    regReq.user = regUser;
                    FusionAuthClient client = new FusionAuthClient(_authSettings.ApiKey, _authSettings.Host, _authSettings.TenantId);
                    ClientResponse<RegistrationResponse> RegResp = await client.RegisterAsync(null, regReq);

    The response comes back as successful and the user is added correctly.

    I thought, perhaps, it may just be that one service call so I went to test it out with my other service endpoint that would send an email, forgotpassword. However, that is giving me a 401 response though I use it in the same fashion as register.

    FusionAuthClient client = new FusionAuthClient(_authSettings.ApiKey, _authSettings.Host, _authSettings.TenantId);
                    ForgotPasswordRequest forgotReq = new ForgotPasswordRequest();
                    forgotReq.applicationId = new Guid(_authSettings.ApplicationId);
                    forgotReq.email = model.Email;
                    forgotReq.username = model.Email;
                    ClientResponse<ForgotPasswordResponse> forgotResp = await client.ForgotPasswordAsync(forgotReq);

    This comes back with a 401 response, indicating the apikey is incorrect, however the same key is used in all other calls through the library and do not give 401.

    Anyone have any thoughts on either problem?

    Thanks in advance!

  • I was actually able to figure out the duplicate email problem. Having a tenant part of an application, the tenant verification settings do not override the application verification settings. So if verification email was turned on in the application and the tenant, both entities will send out verification emails.

    Is this the intended behavior?

    The forgot password issue remains.

  • This post is deleted!

  • Dan was kind enough to point out that I did not check the apikey level permissions. All working now.

  • Darn API key permissions!!


Log in to reply

Looks like your connection to FusionAuth Forum was lost, please wait while we try to reconnect.