Using Netlify Identity Registration Setting "Invite Only" with gotrue-js

Steps to reproduce the issue:

  1. The Netlify Identity Registration Setting is set to Invite Only
  2. Use the Netlify Identity screen to Invite a user. Netlify sends the user an email with a link to “Accept the Invite”
  3. The user clicks the link and arrives at my site: https://objective-booth-388c10.netlify.com/#invite_token=[TheTokenWasHere]
  4. I use this gotrue.js method to confirm the user: auth.confirm(token);
  5. This is where the issue occurs. Instead of confirming the user, the system logs a console error (see screenshot below): Invited users must specify a password.

But, it looks like the auth.confirm method does not have a password parameter. I see no way of supplying the needed password.

How do send the user’s password?
What is the high-level overview of how to process invite-only signups with gotrue-js & Netlify Identity?

Hi @edtalmadge - seems like you removed or renamed the site so I can’t look at your configuration.

I think you’re using our identity widget, which is intended to handle the password setting for you directly so you shouldn’t need to do this?

But if you do, there is supposed to be a confirm method as described here: https://github.com/netlify/gotrue-js#create-a-new-user - it has parameters email and password, rather than using the token.

Thanks @fool. To answer your questions:

seems like you removed or renamed the site so I can’t look at your configuration.

The new site name is: https://mcab.netlify.com

I think you’re using our identity widget, which is intended to handle the password setting for you directly so you shouldn’t need to do this?

I’m not using the identity widget. Instead, I’m using gotrue-js.

there is supposed to be a confirm method as described here: https://github.com/netlify/gotrue-js#create-a-new-user - it has parameters email and password, rather than using the token.

OK, that makes sense. Then, with gotrue-js, what should be the process for invite-only users to get a working login? Something like this?
Please see point 4 below. I’m not sure what to do with the confirmation_token.

  1. I visit https://app.netlify.com/sites/mcab/identity and click the “invite users” button in order to send an invite email. Registration is invite-only.
  2. The user receives the invite email and clicks the Confirm Your Email Address button.
  3. The user arrives at my home page URL plus confirmation token hash, such as: https://mcab.netlify.com/#confirmation_token=[the token was here]
  4. ??? I do something with the confirmation token to verify that the user was invited??
  5. I present the user with a signup form where they can create a new password.
  6. When the user submits the form, I use the gotrue-js auth.signup method (as you suggested) to signup the user.

I think that should work. Perhaps you can look at the code in the identity widget to see what calls it makes? It’s just javascript using that same API. Our support team can’t really consult on code at that level but if that isn’t sufficient please let us know what you found while you tried :slight_smile:

Hi @edtalmadge - not sure if you’ve solved this one yet. I just had the same problem.

I dug into the gotrue-js package source and found a method called acceptInvite that takes a token & a password as its parameters. Using auth.acceptInvite(token, password) allowed me to set a password for an invited user.

1 Like