> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Implement User Invitations for Application Sign-Up using Password Reset Emails

> How to implement a way to invite users to sign up for an account in an Auth0 application.

<Warning>
  Looking for how to invite users to an Organization? Read [Invite Organization Members](/docs/manage-users/organizations/configure-organizations/invite-members) instead.
</Warning>

One way to manage sign-ups for an Auth0 application is with user invitations.

In a typical user invitation workflow, an application administrator creates a new user account and then sends an email invitation to a user with an activation link. When the user follows the link, they set a password for the account, and can then log in.

A user invitation system can be useful for use cases like restricting sign-ups or creating accounts in bulk.

## Implementing user invitations for application sign-up on Auth0

On Auth0, you can implement user invitations using the password change workflow.

* By styling the Universal Login or Classic Login password reset page to additionally support a user invitation experience, you can use a password change link as an invitation to a new user account.

* By similarly customizing the password change email template, you can use Auth0's password change workflow to generate the password change link and send the invitation email using your tenant's [configured SMTP provider](/docs/customize/email/smtp-email-providers).

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  If you already have an external email solution and don't want to configure an SMTP provider on your tenant, you can [use the Management API to generate the password change ticket](https://auth0.com/docs/api/management/v2/tickets/post-password-change) and email the ticket link to the user yourself instead of using Auth0's email template and workflow.
</Callout>

This implementation relies on a user metadata property (named `user.app_metadata.needsInvitation` in these instructions) which indicates that the user has an outstanding invitation: when it's `true`, the user receives the user invitation experience; otherwise, they receive the regular password reset experience.

### 1. Customize the password change email template

First, [customize the password change (link) email template](/docs/customize/email/email-templates/customize-email-templates) to handle both user invitation and password change workflows.

[Use Liquid](/docs/customize/email/email-templates/supported-liquid-syntax) to check whether the user metadata property for an outstanding invitation is set and send the appropriate message. For example:

```liquid lines theme={null}
{% if user.app_metadata.needsInvitation %}
    // User invitation email content here
{% else %}
    // Password change email content here
{% endif %}
```

Additionally, append a query parameter to the password reset link in the message body to indicate which experience the user should see on the password reset page. For example, you can append `type=invite` or `type=reset`.

### 2. Style the password reset page

Based on the query parameter you set in the template, style the password reset page to support both user invitation and password change workflows based on the query parameter.

For instructions with Universal Login, read [Customize Universal Login](/docs/customize/login-pages/universal-login). For instructions with Classic Login, read [Customize Password Reset Page](/docs/customize/login-pages/classic-login/customize-password-reset-page).

### 3. Create a post-login Action to unset the invitation property

Once the user sets their password and logs in for the first time, they no longer need an invitation and should receive the password change experience in the future.

To handle this, [create a post-login Action](/docs/customize/actions/explore-triggers/signup-and-login-triggers/login-trigger) that sets `user.app_metadata.needsInvitation` to `false`:

```javascript theme={null}
exports.onExecutePostLogin = async (event, api) => {
    if (event.user.app_metadata.needsInvitation) {
        api.user.setAppMetadata("needsInvitation", false);
    }
};
```

### 4. Send user invitations

To send a user invitation, [create a new Auth0 database user from the dashboard](/docs/authenticate/database-connections) or the [Create a User endpoint](https://auth0.com/docs/api/management/v2/#!/Users/post_users) in the Management API and:

* Set the `user.email_verified` parameter set to `false`.

* Set `user.app_metadata.needsInvitation` to `true`.

Then, call the Authentication API's [Change password endpoint](https://auth0.com/docs/api/authentication/change-password/change-password) to send the invitation email to the user.

## Learn more

To control where the user is redirected after setting their password:

* For Universal Login, [customize the password reset flow login route](/docs/authenticate/login/auth0-universal-login/configure-default-login-routes#complete-password-reset-flow).

* For Classic Login, set the **Redirect To** field in the email template.

For more information on email configuration, you can read:

* [Customize Email Templates](/docs/customize/email/email-templates)

* [Configure External SMTP Email Providers](/docs/customize/email/smtp-email-providers)