Hi there,
I'm aware that gated email-verification is a paid feature.
Nevertheless, you state the api shall be fully functional without a license key.
The way gating is behaving is confusing to me:
-
if tenant is set to "not verify", new users get a verified=true entry. This plain wrong imo - the email has not been verified, as another system shall take this task.
-
If tenant is on verify, initial verify is false (correct), but I did not find a way to suppress the emails - is there one?
-
the verified=true can not be patched to false, neither to true, neither set in the backend to any value.
-
using the two step flow - in theory - could help to set at least true - But:
calling PUT /api/user/verify-email endpoint ends in a 403 answer on free edition (but works correctly on our pro edition...) Is that intended? -
The SkipVerification flag has no effect on patch / put, it seems.
So, how could an external system handle verification, but keep fa as the master for the flag?
Thanks!