User-Token on Registration

When a user first registers, how come a user-token is not returned? Is it not assumed that this new account is logged-in and authenticated? Right now I make two calls during registration: register, then on success login.

Hi John,

User registration API does not automatically login the user. So yes, you need to make 2 calls.

A lot of applications enable the “Require email confirmation” option which would render auto-login upon registration useless.

Regards,
Mark

EDIT: Nevermind, I will just work around it.

Hi Mark,

While I believe that Email Confirmation is definitely required and is a feature I will be (and am now) using, this flow is an extremely poor user experience if I am understanding it correctly.

  1. User Registers
  2. User Receives Email Confirmation
  3. User Confirms
  4. User is forced to log back in (???)

Once the user clicks confirm on the email that should be it. The user should be able to tap on a “Finish Registration” or “Continue” button I create in app - I make a get profile call (which will return an auth token) - and that’s it. The user shouldn’t be forced to enter his credentials again, and it is insecure for the client to store any password information at all.

Perhaps I am misunderstanding, but registration implies some level of logging in, even if they haven’t “email activated” yet.

Hey Mark,

did you guys thought about having a possibility to do both - returning auth token after calling register for apps that don’t require email confirmation so we can have only one network request, and not returning auth token for apps that require it?

Best,
Matt

Hi Matt,

It is possible, but with the current support workload it is rather low on the priority list.

Regards,
Mark