Custom invitation flow
Hi everyone,
I’m experimenting with Zitadel and trying to manage the invitation flow myself, including sending emails. I attempted to create a user via the API and then request an invitation code, but I’m getting the following error:
User is already initialized (COMMAND-EF34g)
The user I create has an email address that is considered verified but has no authentication method associated.
Does anyone know why this error occurs and how to work around it? Should the invitation be handled differently in this case?
Thanks in advance for your help! 😊
Environment: Self Hosting
Version: v2.70.0
Stack: Node.JS / typescript
6 Replies
hi @Shengael looking into this now, can you share your full curl request(with all the params), with which you are creating the user.
Hi @Shengael the reason why you are getting this error is because Email already verified BUT there is No authentication method.
Since the invitation code system requires both conditions to be false for code creation to be allowed, having a verified email automatically fails this check, resulting in the "User is already initialized" error
You can also see it how it's implemented in the code here
So to tackle this, you can Create the user but don't mark their email as verified (
isVerified field)
Generate the invite code and The invite code verification process will mark the email as verified 🙂
lmk if this helps.
The API for creating user is https://zitadel.com/docs/apis/resources/user_service_v2/user-service-add-human-userHi @Rajat ,
Thanks a lot for the explanation, that makes total sense! 😊
I actually don’t want to use Zitadel’s email system because I’d like to manage that part myself. However, based on the documentation, it seems that if I create a user without marking the email as verified, Zitadel might send a verification email.
From the documentation, it says:
"The newly created user will get a verification email if either the email address is not marked as verified and you did not request the verification to be returned."
I’m not entirely sure I understood this correctly, but from what I gather, this means that if isVerified: false, Zitadel will send an email unless I explicitly request the verification to be returned. Is that correct? If so, is there a way to prevent Zitadel from sending this email while still allowing me to handle the verification on my side?
Thanks again for your help!
ahh I see your point, I have to check more for that as this is quite specific use case and there may be no out of the box solutions as such as of now, I will check it regardless
I dont think so you can do that @Shengael with any out of the box solution , we only have APIs thru which you can do things what you were describing above, We do have email providers APIs which you can play around if you'd like
https://zitadel.com/docs/apis/resources/admin/admin-service-list-email-providers but that's pretty much of it
ZITADEL Docs
Returns a list of Email providers.
Thanks a lot for taking the time to look into this! I really appreciate the info. I'll check out the email provider APIs and see if there’s a workaround that fits my needs.
Thanks again @Rajat !
Hi @Shengael you can also look at this document https://zitadel.com/docs/guides/integrate/onboarding/end-users#manually-addinvite-users this might also to help you 🙂
ZITADEL Docs
End Users have three different possibilities on how to login with ZITADEL.