> ## Documentation Index
> Fetch the complete documentation index at: https://docs-staging-quickstart-revamp.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

> Describes the email templates used in Auth0.

# Email Template Descriptions

## Verification emails

If you turn on the **Verification Email**, users who sign up on a database connection will receive a message asking to confirm their email address by clicking on a URL included in the message.

In addition to the common variables available for all email templates, the **Verification Email** provides the `url` variable that refers to the URL that the user will have to click. You will use it in the **Message** field to create a link that the user can follow.

### Redirect To results for verification email template

You can configure a **Redirect To** URL to send the users to after the email verification action was attempted. By default, Auth0 includes the following parameters:

* `success` with value `true` or `false` indicating whether the email verification was successful
* `message` with an additional description of the outcome. Some possible values are:

  * `Your email was verified. You can continue using the application.` (with `success=true`)
  * `This URL can be used only once` (with `success=false`)
  * `Access expired.` (with `success=false`)
  * `User account does not exist or verification code is invalid.` (with `success=false`)
  * `This account is already verified.` or `Your email address could not be verified.`(with `success=false`)

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  For some errors, the user may be sent to the [Generic Error Page](/docs/authenticate/login/auth0-universal-login/error-pages) page instead of the Redirect To URL.
</Callout>

You can prevent sending the email addresses on the redirect links by updating the email templates using the <Tooltip tip="Management API: A product to allow customers to perform administrative tasks." cta="View Glossary" href="/docs/glossary?term=Management+API">Management API</Tooltip>. For example:

`PATCH /api/v2/email-templates/reset_email { "includeEmailInRedirect": false } }`

or,

`PATCH /api/v2/email-templates/verify_email { "includeEmailInRedirect": false }}`

The target URL handler should be prepared to gracefully handle other possible messages as well.

## Welcome emails

Once a user verifies their email address, they will receive a **Welcome Email**. If you turn off the **Verification Email** feature, the **Welcome Email** will be sent to the user when they sign-up (or log in for the first time).

In addition to the common variables available for all email templates, the following are available to the **Welcome** template:

* If the user is logged in through an [Organization](/docs/manage-users/organizations/organizations-overview):

  * `organization.id`
  * `organization.display_name`
  * `organization.name`
  * `organization.metadata`
  * `organization.branding.logo_url`
  * `organization.branding.colors.primary`
  * `organization.branding.colors.page_background`

## Change password emails

If a user requests a password change, they will receive a **Change Password** email that contains a URL link. When the user clicks on the link, a [Password Reset page](/docs/customize/login-pages/classic-login/customize-password-reset-page) will be presented to enter the new password.

In addition to the common variables available for all email templates, the following are available to the **User Invitation** template:

* `url`: URL that the user will select to change their password. You can use it in the **Message** field to create a link that the user can follow, as in this example:
  `<a href="/docs/{{ url }}">Click here to change your password</a>`
* If the user is logged in through an [Organization](/docs/manage-users/organizations/organizations-overview):

  * `organization.id`
  * `organization.display_name`
  * `organization.name`
  * `organization.metadata`
  * `organization.branding.logo_url`
  * `organization.branding.colors.primary`
  * `organization.branding.colors.page_background`

### Redirect To results for change password template

You can configure a **Redirect To** URL to send the users to after the password change action was attempted. By default, Auth0 includes the following parameters:

* `success` with value `true` or `false` indicating whether the password change was successful
* `message` with an additional description of the outcome. Some possible values are:

  * `You can now login to the application with the new password.` (with `success=true`)
  * `This URL can be used only once` (with `success=false`)
  * `Access expired.` (with `success=false`)
  * `The operation cannot be completed. Please try again.` (with `success=false`)

The target URL handler should be prepared to gracefully handle other possible messages as well.

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  For some errors, the user may be sent to the [Generic Error Page](/docs/authenticate/login/auth0-universal-login/error-pages) page instead of the Redirect To URL.
</Callout>

## Blocked account emails

If a user attempts to log in ten or more times unsuccessfully from the same IP address, the user account will be locked and they will receive a **Blocked Account** email. Once the user receives this email, they will not be able to login from that IP address again until they click on the link contained in the email.

If the user successfully logs in before they exhaust their ten allowed attempts, the counter is reset.

In addition to the common variables available for all email templates, the following ones are available in the **Blocked Account Email** template:

* `user.source_ip`
* `user.city`
* `user.country`
* If the user is logged in through an [Organization](/docs/manage-users/organizations/organizations-overview):

  * `organization.id`
  * `organization.display_name`
  * `organization.name`
  * `organization.metadata`
  * `organization.branding.logo_url`
  * `organization.branding.colors.primary`
  * `organization.branding.colors.page_background`

This template also provides the `url` variable that should be used to create the link that the user needs to follow. For example:

`<a href="/docs/{{ url }}">Click here to unblock your account</a>`

### Redirect To results for blocked account email templates

You can configure a **Redirect To** URL to send the users to after the account unblocking action was attempted. When redirecting, Auth0 will include the following parameters:

* `email` indicating the email of the user
* `success` with value `true` or `false` indicating whether the account unblocking was successful
* `message` with an additional description of the outcome. Some possible values are:

  * `Your account has been unblocked.` (with `success=true`)
  * `This URL can be used only once` (with `success=false`)
  * `Access expired.` (with `success=false`)

The target URL handler should be prepared to gracefully handle other possible messages as well.

## Breached password alert emails

This email type is sent whenever Auth0 detects that the user is trying to access the application using a password that has been leaked by a third party. These emails are only set after enabling **<Tooltip tip="Breached Password Detection: Form of attack protection in which Auth0 notifies your users if they use a username/password combination that has been compromised in a data leak on a third-party website or app." cta="View Glossary" href="/docs/glossary?term=Breached+Password+Detection">Breached Password Detection</Tooltip>** in the [Attack Protection](https://manage.auth0.com/#/security/attack-protection) section of the dashboard. To learn more, see [Breached Password Detection](/docs/secure/attack-protection/breached-password-detection).

In addition to the common variables available for all email templates, the following ones are available for the **Breached Password Alert** emails:

* If the user is logged in through an [Organization](/docs/manage-users/organizations/organizations-overview):

  * `organization.id`
  * `organization.display_name`
  * `organization.name`
  * `organization.metadata`
  * `organization.branding.logo_url`
  * `organization.branding.colors.primary`
  * `organization.branding.colors.page_background`

## Enrollment emails for MFA

This email will be generated when an <Tooltip tip="Multi-factor authentication (MFA): User authentication process that uses a factor in addition to username and password such as a code via SMS." cta="View Glossary" href="/docs/glossary?term=MFA">MFA</Tooltip> enrollment invitation is sent. The message will contain a link that, when visited, will show the MFA enrollment experience.

In addition to the common variables available for all email templates, the `link` variable is available in this email type, containing the URL that you will use to construct the link for this action, as in this example:

`<a href="/docs/{{ link }}">Enroll your MFA device</a>`

Unlike other email templates, the correct variable name is `link` and not `url`. Also, the `connection.name` variable is not available on this email template type.

## Verification code emails for MFA

This email will be generated when you use email as an MFA method and request a verification code to be sent. In addition to the common variables available, the template provides a `code` variable to render the code used for MFA verification. For example:

`<div>Your code is: {{ code }}</div>`

## User invitation emails

If a user is invited to become a member of an [Organization](/docs/manage-users/organizations/organizations-overview), they will receive a **User Invitation** email that contains a URL link. When the user clicks on the link, they will be redirected to your default login route. To learn more, see [Configure Default Login Routes](/docs/authenticate/login/auth0-universal-login/configure-default-login-routes).

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  When a user accepts an invitation, their email address will be marked as verified.

  If the user accepts an invitation through federated login, then the identity provider must return the email address that matches the email address to which the invitation was sent. The email verification will not be overridden with the value returned by the identity provider on subsequent logins.

  If the user does not accept an invitation before it expires, the invitation will be marked as expired and eventually deleted from the [Auth0 Dashboard](/docs/get-started/auth0-overview/dashboard).
</Callout>

In addition to the common variables available for all email templates, the following are available to the **User Invitation** template:

* User invitation information (all information derived from the user invitation ticket):

  * `inviter.name`
  * `app_metadata`
  * `user_metadata`
  * `roles.id`
  * `roles.name`
  * `roles.description`
* Organization information:

  * `organization.id`
  * `organization.display_name`
  * `organization.name`
  * `organization.metadata`
  * `organization.branding.logo_url`
  * `organization.branding.colors.primary`
  * `organization.branding.colors.page_background`

To localize emails, you can set the `locale` to be sent in `user_metadata` when creating an invitation. To learn more, see [Customize Email Templates: Multilingual Email Templates](/docs/customize/email/email-templates).

### Redirect results for user invitation email templates

You must [configure a default login route](/docs/authenticate/login/auth0-universal-login/configure-default-login-routes), to which users will be sent after selecting the link to accept the invitation. When redirecting, Auth0 will include the following parameters:

* `invitation`: ID of the invitation ticket
* `organization`: ID of the organization to which the user is being invited
* `organization_name`: Name of the organization to which the user is being invited

For example, if you have an organization-enabled application with an **Application Login URI** set to `https://myapp.com/login`, then the link sent in the email invitation that an end-user receives will be: `https://myapp.com/login?invitation={invitation_ticket_id}&organization={organization_id}&organization_name={organization_name}`.

The target login route should initiate a transaction to `/authorize` that contains the provided `invitation` and `organization` key-value pairs. It should also be prepared to gracefully handle other possible messages.

## Passwordless emails

Unlike the previous email templates types, this email template is not configured from the Email Templates section. Instead, it's part of the [settings for the Email Passwordless Connection](https://manage.auth0.com/#/connections/passwordless).

The <Tooltip tip="Passwordless: Form of authentication that does not rely on a password as the first factor." cta="View Glossary" href="/docs/glossary?term=Passwordless">Passwordless</Tooltip> Email is sent when a passwordless access is requested, either by code (the user receives a code that types in the application) or by a link (the user clicks on a link and is taken directly to the application).

You can use all the common variables available in all templates, plus the following variables defined specifically for the **Passwordless Email** template:

* `send`, which will contain a value of `link`, `link_ios`, `link_android` or `code` depending on the type of passwordless email requested.
* `code` with the one-time-use code to access the application
* `link` with the link that can be clicked by the user to gain access to the application (only for link-type passwordless emails)
* `operation`, which will be `change_email` if this is a passwordless email change operation.

The default template uses the above variables to do something like this:

```liquid lines
<!-- Email change content -->
{% if operation == 'change_email' %}
  <p>Your email address has been updated.</p>
{% else %}
  <!-- Signup email content -->
  {% if send == 'link' or send == 'link_ios' or send == 'link_android' %}
    <p>Click and confirm that you want to sign in to {{ application.name }}. This link will expire in five minutes.</p>
    <a href="/docs/{{ link }}">Sign in to {{ application.name }}</a>
    {% elsif send == 'code' %}
    <p>Your verification code is: <b>{{ code }}</b></p>
  {% endif %}
{% endif %}
```

In the Passwordless Email template only the `email` property of the `user` object is available.

## Learn more

* [Customize Email Templates](/docs/customize/email/email-templates)
* [Customize Email Handling](/docs/customize/email/manage-email-flow)
* [Customize Blocked Account Emails](/docs/customize/email/customize-blocked-account-emails)
