Invite Organization Members

Invite Organization Members

Limited access

Your Auth0 subscription plan and the login method you choose can affect feature availability. To learn more, read:

If you would like to assign a member to an Organization, but the user does not yet exist in your data store (or the user exists in your data store but is not yet a member of your organization), you can invite them to the organization. In this case, the user will receive an email containing a link that will allow them to create an account or log in and join the organization, optionally with predefined roles, and be redirected to your application so that they can immediately start using it.

To configure the invitation flow:

  1. Integrate the membership invitation flow into your application

  2. Customize the user invitation flow

  3. Send membership invitations

Integrate the membership invitation flow into your application

For user invitations to work, you must set up a route in your application as part of the invitation acceptance flow and configure an associated default login route for your tenant or application. A link to the configured URI will be included in the email invitation that is sent to users.

Configure the URI

If the URI should be shared across all of your applications, you can set the Tenant Login URL at Auth0 Dashboard > Settings > Advanced. Otherwise, you can set the URI on a per-application basis by using Application Login URI in your application's settings, which you can reach from Auth0 Dashboard > Applications > Applications.

Specify route behavior

The route in your application must accept invitation and organization parameters through the query string. To start the invitation acceptance transaction, it should forward both parameters along with the end-user to your Auth0 /authorize endpoint.

For example, if you have an organization-enabled application with an Application Login URI set to https://myapp.com/login, then the link sent in the email invitation that an end-user receives will be: https://myapp.com/login?invitation={invitation_ticket_id}&organization={organization_id}&organization_name={organization_name}.

Your application should initiate a transaction to /authorize that contains the provided invitation and organization key-value pairs.

Customize the user invitation flow

To customize the user invitation prompt and email that the user receives, modify the Universal Login prompt and email templates. To learn more, read these pages:

Localization

Since the locale of the invited user is not known ahead of time, you can send an optional user_metadata parameter to the invitation endpoint using the Management API. When localizing the user invitation flow, you can access this parameter through the User Invitation email template and use the same logic as you would with other multilingual email templates.

For the invited user to see the invitation in the appropriate language, your application will need to send the ui_locales parameter or the invited user's browser must send the appropriate Accept-Language header. To learn more, read Customize Email Templates: Multilingual Email Templates.

Send membership invitations

You can send organization membership invitations to users using either the Auth0 Dashboard or the Management API. If you prefer to send the invitation using your own email service, you can choose to only generate an invitation URL. Otherwise, the user will receive an email containing the link, which will allow them to log in to the organization using a configured connection.