FusionAuth developer image
FusionAuth developer logo
  • Back to site
  • Expert Advice
  • Blog
  • Developers
  • Downloads
  • Account
  • Contact sales
Navigate to...
  • Welcome
  • Getting Started
    • Getting Started
    • 5-Minute Setup Guide
    • Setup Wizard & First Login
    • Register a User and Login
    • Self-service Registration
    • Start and Stop FusionAuth
    • Core Concepts
      • Overview
      • Users
      • Roles
      • Groups
      • Registrations
      • Applications
      • Tenants
      • Identity Providers
      • Authentication/Authorization
      • Integration Points
    • Example Apps
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • PHP
      • Python
      • Ruby
    • Tutorials
  • Installation Guide
    • Overview
    • System Requirements
    • Server Layout
    • Cloud
    • Cluster
    • Docker
    • Fast Path
    • Kubernetes
      • Overview
      • Deployment Guide
      • Minikube Setup
      • Amazon EKS Setup
      • Google GKE Setup
      • Microsoft AKS Setup
    • Kickstart™
    • Homebrew
    • Packages
    • Database
    • FusionAuth App
    • FusionAuth Search
    • Common Configuration
  • Migration Guide
    • Overview
    • General
    • Auth0
    • Keycloak
    • Amazon Cognito
    • Firebase
    • Tutorial
  • Admin Guide
    • Overview
    • Account Portal
    • Config Management
    • Editions and Features
    • Key Rotation
    • Licensing
    • Monitoring
    • Prometheus Setup
    • Proxy Setup
    • Reference
      • Overview
      • Configuration
      • CORS
      • Data Types
      • Hosted Login Pages Cookies
      • Known Limitations
      • Password Hashes
    • Roadmap
    • Securing
    • Switch Search Engines
    • Technical Support
    • Troubleshooting
    • Upgrading
  • Login Methods
    • Identity Providers
      • Overview
      • Apple
      • Epic Games
      • External JWT
        • Overview
        • Example
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
        • Overview
        • Azure AD
        • Discord
        • Github
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • SAML v2
        • Overview
        • ADFS
      • SAML v2 IdP Initiated
        • Overview
        • Okta
      • Xbox
    • OIDC & OAuth 2.0
      • Overview
      • Endpoints
      • Tokens
    • SAML v2 IdP
      • Overview
      • Google
      • Zendesk
  • Developer Guide
    • Authentication Tokens
    • Client Libraries
      • Overview
      • Dart
      • Go
      • Java
      • JavaScript
      • .NET Core
      • Node
      • OpenAPI
      • PHP
      • Python
      • Ruby
      • Typescript
    • Events & Webhooks
      • Overview
      • Writing a Webhook
      • Securing Webhooks
      • Events
        • Overview
        • Audit Log Create
        • Event Log Create
        • JWT Public Key Update
        • JWT Refresh
        • JWT Refresh Token Revoke
        • Kickstart Success
        • User Action
        • User Bulk Create
        • User Create
        • User Create Complete
        • User Deactivate
        • User Delete
        • User Delete Complete
        • User Email Update
        • User Email Verified
        • User IdP Link
        • User IdP Unlink
        • User Login Failed
        • User Login Id Dup. Create
        • User Login Id Dup. Update
        • User Login New Device
        • User Login Success
        • User Login Suspicious
        • User Password Breach
        • User Password Reset Send
        • User Password Reset Start
        • User Password Reset Success
        • User Password Update
        • User Reactivate
        • User Reg. Create
        • User Reg. Create Complete
        • User Reg. Delete
        • User Reg. Delete Complete
        • User Registration Update
        • User Reg. Update Complete
        • User Reg. Verified
        • User 2FA Method Add
        • User 2FA Method Remove
        • User Update
        • User Update Complete
    • Guides
      • Overview
      • Advanced Registration Forms
      • Breached Password Detection
      • Multi-Factor Authentication
      • Multi-Tenant
      • Passwordless
      • Securing Your APIs
      • Silent Mode
      • Single Sign-on
    • Integrations
      • Overview
      • CleanSpeak
      • Kafka
      • Twilio
    • JSON Web Tokens
    • Key Master
    • Localization and Internationalization
    • Plugins
      • Overview
      • Writing a Plugin
      • Custom Password Hashing
    • Search And FusionAuth
    • Two Factor (pre 1.26)
    • User Control & Gating
      • Gate Unverified Users
      • Gate Unverified Registrations
      • User Account Lockout
  • Customization
    • Email & Templates
      • Overview
      • Configure Email
      • Email Templates
      • Email Variables
      • Message Templates
    • Lambdas
      • Overview
      • Apple Reconcile
      • Client Cred. JWT Populate
      • Epic Games Reconcile
      • External JWT Reconcile
      • Facebook Reconcile
      • Google Reconcile
      • HYPR Reconcile
      • JWT Populate
      • LDAP Connector Reconcile
      • LinkedIn Reconcile
      • Nintendo Reconcile
      • OpenID Connect Reconcile
      • SAML v2 Populate
      • SAML v2 Reconcile
      • SCIM Group Req. Converter
      • SCIM Group Resp. Convtr.
      • SCIM User Req. Converter
      • SCIM User Resp. Converter
      • Sony PSN Reconcile
      • Steam Reconcile
      • Twitch Reconcile
      • Twitter Reconcile
      • Xbox Reconcile
    • Messengers
      • Overview
      • Generic Messenger
      • Kafka Messenger
      • Twilio Messenger
    • Themes
      • Overview
      • Examples
      • Helpers
      • Localization
      • Template Variables
  • Premium Features
    • Advanced Threat Detection
    • Connectors
      • Overview
      • Generic Connector
      • LDAP Connector
      • FusionAuth Connector
    • Entity Management
    • SCIM
      • Overview
      • SCIM-SDK Example
    • Self Service Account Mgmt
      • Overview
      • Updating User Data & Password
      • Add Two-Factor Authenticator
      • Add Two-Factor Email
      • Add Two-Factor SMS
      • Customizing
      • Troubleshooting
  • APIs
    • Overview
    • Authentication
    • Errors
    • Actioning Users
    • API Keys
    • Applications
    • Audit Logs
    • Connectors
      • Overview
      • Generic
      • LDAP
    • Consents
    • Emails
    • Entity Management
      • Overview
      • Entities
      • Entity Types
      • Grants
    • Event Logs
    • Families
    • Forms
    • Form Fields
    • Groups
    • Identity Providers
      • Overview
      • Links
      • Apple
      • External JWT
      • Epic Games
      • Facebook
      • Google
      • HYPR
      • LinkedIn
      • Nintendo
      • OpenID Connect
      • SAML v2
      • SAML v2 IdP Initiated
      • Sony PlayStation Network
      • Steam
      • Twitch
      • Twitter
      • Xbox
    • Integrations
    • IP Access Control Lists
    • JWT
    • Keys
    • Lambdas
    • Login
    • Message Templates
    • Messengers
      • Overview
      • Generic
      • Kafka
      • Twilio
    • Multi-Factor/Two Factor
    • Passwordless
    • Reactor
    • Registrations
    • Reports
    • SCIM
      • Overview
      • SCIM EnterpriseUser
      • SCIM Group
      • SCIM Service Provider Config.
      • SCIM User
    • System
    • Tenants
    • Themes
    • Users
    • User Actions
    • User Action Reasons
    • User Comments
    • Webhooks
  • Release Notes

    Email Variables

    Templates & Replacement Variables

    The email template body (both HTML and text values), subject, and from name fields support replacement variables. This means placeholders can be inserted and the value will be calculated at the time the email template is rendered and sent to a user.

    Most templates will contain the User object as returned on the Retrieve User API. This means you can utilize any value found on the User object such as email, first name, last name, etc.

    Below you will find each stock template that FusionAuth ships for reference. The available replacement values will be outlined below for each template.

    • Breached Password

    • Confirm Child

    • COPPA Email Plus Notice

    • COPPA Notice

    • Email Verification

    • Forgot Password

    • Parent Registration Request

    • Passwordless Login

    • Registration Verification

    • Setup Password

    • Threat Detected

    • Two Factor Authentication

    The following

    If you create a template with content and template variables for one type of email template (Forgot Password), but assign it to another type of email template (Passwordless Login, for example), the email will not be sent as expected.

    Instead, the attempt will fail and there will be an error added to the Event Log.

    Breached Password

    HTML
    
    <p>This password was found in the list of vulnerable passwords, and is no longer secure.</p>
    
    <p>In order to secure your account, it is recommended to change your password at your earliest convenience.</p>
    
    <p>Follow this link to change your password.</p>
    
    <a href="https://local.fusionauth.io/password/forgot?email=${user.email}&tenantId=${user.tenantId}">
      https://local.fusionauth.io/password/forgot?email=${user.email}&tenantId=${user.tenantId}
    </a>
    
    - FusionAuth Admin
    Text
    
    This password was found in the list of vulnerable passwords, and is no longer secure.
    
    In order to secure your account, it is recommended to change your password at your earliest convenience.
    
    Follow this link to change your password.
    
    https://local.fusionauth.io/password/forgot?email=${user.email}&tenantId=${user.tenantId}
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.27.2

    The Application object, see the Application API for field definitions.

    Note: This object may not be available depending upon when this template is constructed. If you utilize this object in your template, ensure you first check to see if it is defined.

    breachResult.loginIds [Array<String>]

    The breach result matching loginIds. This is an array of zero or more email addresses or usernames found in the breach result matching this user. A length of zero means only the password was matched.

    breachResult.match [String]

    The breach result match type determined by the FusionAuth Reactor. Possible values include:

    • ExactMatch The User’s loginId and password were found exactly as entered.

    • SubAddressMatch The User’s loginId and password were matched, but the email address was a sub-address match. For example, joe+test@example.com is a sub-address match for joe@example.com.

    • PasswordOnly Only the password found, the loginId and password combination were not matched.

    • CommonPassword The User’s password was found to be one of the most commonly known breached passwords.

    user [User]

    The User object, see the User API for field definitions.

    Confirm Child

    HTML
    
    Your child has created an account with us and you need to confirm them before they are added to your family. Click the link below to confirm your child's account.
    <p>
      <a href="http://example.com/family/confirm-child">http://example.com/family/confirm-child</a>
    </p>
    - FusionAuth Admin
    Text
    
    Your child has created an account with us and you need to confirm them before they are added to your family. Click the link below to confirm your child's account.
    
    http://example.com/family/confirm-child
    
    - FusionAuth Admin

    Replacement Variables

    child [User]

    The child User object, see the User API for field definitions of a User.

    parent [User]

    The parent User object, see the User API for field definitions of a User.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions.

    user Deprecated

    The parent User object. This field has been deprecated, please use the parent object instead.

    COPPA Email Plus Notice

    HTML
    
    A while ago, you granted your child consent in our system. This email is a second notice of this consent as required by law and also to remind to that you can revoke this consent at anytime on our website or by clicking the link below:
    <p>
      <a href="http://example.com/consent/manage">http://example.com/consent/manage</a>
    </p>
    
    - FusionAuth Admin
    Text
    
    A while ago, you granted your child consent in our system. This email is a second notice of this consent as required by law and also to remind to that you can revoke this consent at anytime on our website or by clicking the link below:
    
    http://example.com/consent/manage
    
    - FusionAuth Admin

    Replacement Variables

    consent [UserConsent]

    The User Consent object, see the Consent API for field definitions of a User consent.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    user [User]

    The User giving consent, see the User API for field definitions of a User.

    COPPA Notice

    HTML
    
    You recently granted your child consent in our system. This email is to notify you of this consent. If you did not grant this consent or wish to revoke this consent, click the link below:
    <p>
      <a href="http://example.com/consent/manage">http://example.com/consent/manage</a>
    </p>
    - FusionAuth Admin
    Text
    
    You recently granted your child consent in our system. This email is to notify you of this consent. If you did not grant this consent or wish to revoke this consent, click the link below:
    
    http://example.com/consent/manage
    
    - FusionAuth Admin

    Replacement Variables

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    user [User]

    The User giving consent, see the User API for field definitions of a User.

    Email Verification

    HTML
    
    [#if user.verified]
    Pro tip, your email has already been verified, but feel free to complete the verification process to verify your verification of your email address.
    [/#if]
    
    [#if verificationOneTimeCode??]
    <p> Complete email verification by entering this code into the verification form. </p>
    <p> ${verificationOneTimeCode} </p>
    [#else]
    To complete your email verification click on the following link.
    <p>
      <a href="https://local.fusionauth.io/email/verify/${verificationId}?tenantId=${user.tenantId}">
        https://local.fusionauth.io/email/verify/${verificationId}?tenantId=${user.tenantId}
      </a>
    </p>
    [/#if]
    
    - FusionAuth Admin
    Text
    
    [#if user.verified]
    Pro tip, your email has already been verified, but feel free to complete the verification process to verify your verification of your email address.
    [/#if]
    
    [#if verificationOneTimeCode??]
    Complete email verification by entering this code into the verification form.
    
    ${verificationOneTimeCode}
    [#else]
    To complete your email verification click on the following link.
    
    https://local.fusionauth.io/email/verify/${verificationId}?tenantId=${user.tenantId}
    [/#if]
    
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.21.0

    The Application object, see the Application API for field definitions.

    Note: This object may not be available depending upon when this template is constructed. If you utilize this object in your template, ensure you first check to see if it is defined.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    user [User]

    The User object, see the User API for field definitions of a User.

    verificationId [String]

    The verification Id intended to be used by the Verify Email API.

    verificationOneTimeCode [String]

    The verification One Time Code (OTP) to be used with the gated Email Verification workflow. The user enters this code to verify their email.

    Forgot Password

    This is also known as the "Change Password" template.

    HTML
    
    [#setting url_escaping_charset="UTF-8"]
    To change your password click on the following link.
    <p>
      [#-- The optional 'state' map provided on the Forgot Password API call is exposed in the template as 'state' --]
      [#assign url = "http://localhost:9011/password/change/${changePasswordId}?tenantId=${user.tenantId}" /]
      [#list state!{} as key, value][#if key != "tenantId" && value??][#assign url = url + "&" + key?url + "=" + value?url/][/#if][/#list]
      <a href="${url}">${url}</a>
    </p>
    - FusionAuth Admin
    Text
    
    [#setting url_escaping_charset="UTF-8"]
    To change your password click on the following link.
    
    [#-- The optional 'state' map provided on the Forgot Password API call is exposed in the template as 'state' --]
    [#assign url = "http://localhost:9011/password/change/${changePasswordId}?tenantId=${user.tenantId}" /]
    [#list state!{} as key, value][#if key != "tenantId" && value??][#assign url = url + "&" + key?url + "=" + value?url/][/#if][/#list]
    
    ${url}
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.21.0

    The Application object, see the Application API for field definitions.

    Note: This object may not be available depending upon when this template is constructed. If you utilize this object in your template, ensure you first check to see if it is defined.

    changePasswordId [String]

    The change password Id intended to be used by the Change a User’s Password API.

    state [Object]

    If the state was provided during the Forgot Password request, it will be available to you in the email template.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions.

    user [User]

    The User object, see the User API for field definitions of a User.

    Parent Registration Request

    HTML
    
    Your child has created an account with us and needs you to create an account and verify them. You can sign up using the link below:
    <p>
      <a href="http://example.com/family/confirm-child">http://example.com/family/confirm-child</a>
    </p>
    - FusionAuth Admin
    Text
    
    Your child has created an account with us and needs you to create an account and verify them. You can sign up using the link below:
    
    http://example.com/family/confirm-child
    
    - FusionAuth Admin

    Replacement Variables

    child [User]

    The child User object, see the User API for field definitions of a User.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    Passwordless Login

    HTML
    
    [#setting url_escaping_charset="UTF-8"]
    You have requested to log into FusionAuth using this email address. If you do not recognize this request please ignore this email.
    <p>
      [#-- The optional 'state' map provided on the Start Passwordless API call is exposed in the template as 'state' --]
      [#assign url = "https://local.fusionauth.io/oauth2/passwordless/${code}?tenantId=${user.tenantId}" /]
      [#list state!{} as key, value][#if key != "tenantId" && value??][#assign url = url + "&" + key?url + "=" + value?url/][/#if][/#list]
    
      <a href="${url}">${url}</a>
    </p>
    - FusionAuth Admin
    Text
    
    [#setting url_escaping_charset="UTF-8"]
    You have requested to log into FusionAuth using this email address. If you do not recognize this request please ignore this email.
    
    [#-- The optional 'state' map provided on the Start Passwordless API call is exposed in the template as 'state' --]
    [#assign url = "https://local.fusionauth.io/oauth2/passwordless/${code}?tenantId=${user.tenantId}" /]
    [#list state!{} as key, value][#if key != "tenantId" && value??][#assign url = url + "&" + key?url + "=" + value?url/][/#if][/#list]
    
    ${url}
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.21.0

    The Application object, see the Application API for field definitions.

    Note: This object may not be available depending upon when this template is constructed. If you utilize this object in your template, ensure you first check to see if it is defined.

    code [String]

    The unique code intended to be used by the Complete a Passwordless Login API.

    state [Object]

    If the state was provided when the Passwordless request was initiated, it will be available to you in the email template.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    user [User]

    The User object, see the User API for field definitions of a User.

    Registration Verification

    HTML
    
    [#if registration.verified]
    Pro tip, your registration has already been verified, but feel free to complete the verification process to verify your verification of your registration.
    [/#if]
    
    [#if verificationOneTimeCode??]
    <p> To complete your registration verification, enter this code into the verification form. </p>
    <p> ${verificationOneTimeCode} </p>
    [#else]
    To complete your registration verification click on the following link.
    <p>
      <a href="https://local.fusionauth.io/registration/verify/${verificationId}?tenantId=${user.tenantId}">
        https://local.fusionauth.io/registration/verify/${verificationId}?tenantId=${user.tenantId}
      </a>
    </p>
    [/#if]
    
    - FusionAuth Admin
    Text
    
    [#if registration.verified]
    Pro tip, your registration has already been verified, but feel free to complete the verification process to verify your verification of your registration.
    [/#if]
    
    [#if verificationOneTimeCode??]
    To complete your registration verification, the this code into the registration verification form.
    
    ${verificationOneTimeCode}
    [#else]
    To complete your registration verification click on the following link.
    
    https://local.fusionauth.io/registration/verify/${verificationId}?tenantId=${user.tenantId}
    [/#if]
    
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.21.0

    The Application object, see the Application API for field definitions.

    registration UserRegistration]

    The User Registration object, see the Registration API for field definitions of a User.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    user [User]

    The User object, see the User API for field definitions of a User.

    verificationId [String]

    The verification Id intended to be used by the Verify a User Registration API.

    verificationOneTimeCode [String]

    The verification One Time Code to be used with the Gated Registration workflow. The user enters this code to verify their email.

    Setup Password

    HTML
    
    Your account has been created and you must setup a password. Click on the following link to setup your password.
    <p>
      <a href="http://localhost:9011/password/change/${changePasswordId}?tenantId=${user.tenantId}">
        http://localhost:9011/password/change/${changePasswordId}?tenantId=${user.tenantId}
      </a>
    </p>
    - FusionAuth Admin
    Text
    
    Your account has been created and you must setup a password. Click on the following link to setup your password.
    
    http://localhost:9011/password/change/${changePasswordId}?tenantId=${user.tenantId}
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.21.0

    The Application object, see the Application API for field definitions.

    Note: This object may not be available depending upon when this template is constructed. If you utilize this object in your template, ensure you first check to see if it is defined.

    changePasswordId [String]

    The change password Id intended to be used by the Change a User’s Password API.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions of a Tenant.

    user [User]

    The User object, see the User API for field definitions of a User.

    Two Factor Authentication

    HTML
    
    <p>
      To complete your login request, enter this one-time code code on the login form when prompted.
    </p>
    <p>
      <strong>${code}</strong>
    </p>
    
    - FusionAuth Admin
    Text
    
    To complete your login request, enter this one-time code code on the login form when prompted.
    
    ${code}
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.28.0

    The Application object, see the Application API for field definitions.

    code [String]

    A code that the user must provide to complete multi-factor authentication.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions.

    user [User]

    The User object, see the User API for field definitions of a User.

    Threat Detected

    FusionAuth Reactor logo

    This feature is only available in the Enterprise edition of FusionAuth. Please visit our pricing page to learn more about paid editions.

    HTML
    
    [#setting url_escaping_charset="UTF-8"]
    [#if event.type == "UserLoginSuspicious"]
    A suspicious login was made on your account. If this was you, you can safely ignore this email. If this wasn't you, we recommend that you change your password as soon as possible.
    [#elseif event.type == "UserLoginNewDevice"]
    A login from a new device was detected on your account. If this was you, you can safely ignore this email. If this wasn't you, we recommend that you change your password as soon as possible.
    [#else]
    Suspicious activity has been observed on your account. In order to secure your account, it is recommended to change your password at your earliest convenience.
    [/#if]
    
    Device details
    
    * Device name: ${(event.info.deviceName)!'&mdash;'}
    * Device description: ${(event.info.deviceDescription)!'&mdash;'}
    * Device type: ${(event.info.deviceType)!'&mdash;'}
    * User agent: ${(event.info.userAgent)!'&mdash;'}
    
    Event details
    
    * IP address: ${(event.info.ipAddress)!'-'}
    * City: ${(event.info.location.city)!'-'}
    * Country: ${(event.info.location.country)!'-'}
    * Zipcode: ${(event.info.location.zipcode)!'-'}
    * Lat/long: ${(event.info.location.latitude)!'-'}/${(event.info.location.longitude)!'-'}
    
    - FusionAuth Admin
    Text
    
    [#setting url_escaping_charset="UTF-8"]
    [#if event.type == "UserLoginSuspicious"]
      <p>A suspicious login was made on your account. If this was you, you can safely ignore this email. If this wasn't you, we recommend that you change your password as soon as possible.</p>
    [#elseif event.type == "UserLoginNewDevice"]
      <p>A login from a new device was detected on your account. If this was you, you can safely ignore this email. If this wasn't you, we recommend that you change your password as soon as possible.</p>
    [#else]
      <p>Suspicious activity has been observed on your account. In order to secure your account, it is recommended to change your password at your earliest convenience.</p>
    [/#if]
    
    <p>Device details</p>
    <ul>
      <li><strong>Device name:</strong> ${(event.info.deviceName)!'&mdash;'}</li>
      <li><strong>Device description:</strong> ${(event.info.deviceDescription)!'&mdash;'}</li>
      <li><strong>Device type:</strong> ${(event.info.deviceType)!'&mdash;'}</li>
      <li><strong>User agent:</strong> ${(event.info.userAgent)!'&mdash;'}</li>
    </ul>
    
    <p>Event details</p>
    <ul>
      <li><strong>IP address:</strong> ${(event.info.ipAddress)!'&mdash;'}</li>
      <li><strong>City:</strong> ${(event.info.location.city)!'&mdash;'}</li>
      <li><strong>Country:</strong> ${(event.info.location.country)!'&mdash;'}</li>
      <li><strong>Zipcode:</strong> ${(event.info.location.zipcode)!'&mdash;'}</li>
      <li><strong>Lat/long:</strong> ${(event.info.location.latitude)!'&mdash;'}/${(event.info.location.longitude)!'&mdash;'}</li>
    </ul>
    
    - FusionAuth Admin

    Replacement Variables

    application [Application] Available since 1.28.0

    The Application object, see the Application API for field definitions.

    event.info [EventInfo]

    The EventInfo object, see the User Login Suspicious event definition for example field definitions.

    tenant [Tenant] Available since 1.18.2

    The Tenant object, see the Tenant API for field definitions.

    user [User]

    The User object, see the User API for field definitions of a User.

    Using Replacement Variables

    Below are some basic examples of using replacement values in your email templates.

    Consider the following User represented by this condensed JSON object.

    
    {
      "email": "monica@piedpiper.com",
      "firstName": "Monica",
      "id": "1c592f8a-59c6-4a09-82f8-f4257e3ea4c8",
      "lastName": "Hall"
    }

    The following are example usages with a rendered output based upon the above mentioned example User. The replacement variables are rendered using Apache FreeMarker which is an HTML template language.

    A default value should be provided for variables that may be undefined at runtime such as firstName. See firstName in the example below is followed by a bang ! and then the string Unknown User. This indicates that if firstName is undefined when the template is rendered the value of Unknown User should be used as a default value.

    Template Source

    
    Hi ${user.firstName!'Unknown User'}, welcome to Pied Piper.
    
    Please verify your email address ${user.email} by following the provided link.
    
    https://piedpiper.fusionauth.io/email/verify/${verificationId}
    - Admin

    Rendered Output

    
    Hi Monica, welcome to Pied Piper.
    
    Please verify your email address monica@piedpiper.com by following the provided link.
    
    https://piedpiper.fusionauth.io/email/verify/YkQY5Gsyo4RlfmDciBGRmvfj3RmatUqrbjoIZ19fmw4
    - Admin

    Custom Replacement Variables

    In addition to the variables mentioned in the previous section, when defining your own email templates to be used by the Send Email API custom data may be provided on the API request to be used in the email template.

    On Send Email API request the contents of the requestData field will be made available to you when the template is rendered.

    For example, consider the following request to the Send API to send email template Id 1bc118ae-d5fa-4cdf-a90e-e8ef55c3e11e to the User by Id ce485a91-906f-4615-af75-81d37dc71e90.

    URI

    POST /api/email/send/1bc118ae-d5fa-4cdf-a90e-e8ef55c3e11e

    Example Request JSON
    
    {
      "requestData": {
        "paymentAmount": "$9.99",
        "product": "party hat",
        "quantity": "12"
      },
      "userIds": [
        "ce485a91-906f-4615-af75-81d37dc71e90"
      ]
    }

    Template Source

    
    Hello ${user.firstName!''},
    
    Thank you for your purchase! We value your business, please come again!
    
    Product: ${requestData.product!'unknown'}
    Quantity: ${requestData.quantity!'unknown`}
    
    - Pied Piper Customer Success

    Rendered Output

    
    Hello Kelly,
    
    Thank you for your purchase! We value your business, please come again!
    
    Product: party hat
    Quantity: 12
    
    - Pied Piper Customer Success

    Feedback

    How helpful was this page?

    See a problem?

    File an issue in our docs repo

    © 2022 FusionAuth
    Subscribe for developer updates