Forum Academy Marketplace Showcase Pricing Features

Create custom email confirmation link

I’m using Sendgrid instead of bubble’s email engine.

When a user signs up - I’m shooting them an email via Sendgrid with a button to confirm their email address. When they click the button, it takes them to a page called …/email_confirmation on my site.

I have a field called ‘Email confirmed?’ in my User data type. How can I change the value to “yes” when a user clicks on the Sendgrid button to confirm their email address from their email client?

I’ve tried ‘on page load’ change the ‘current’s user’s email confirmation’ to true. It doesn’t work though.

Your workflow says the current user has to be logged in as well on page load. Are you visiting the page when they are logged in? or do they need to log in first then you may need to reload the page again after they login in your workflow.

When you click the link in the email, the email confirmed changes to yes if it is a valid response token.

I originally had done what you had done, so put a text box on the page with the value of the email confirmed to see what was happening. then rejigged what i was doing.

@john3 I have only tested this theory with an account that is already logged in. I suppose you bring up a good point, how can I change the value of a users things without them being logged in?

@DaveA I’m using Sendgrid - how would the ‘email confirmed’ change to yes if I’m not using the bubble engine? How is Sendgrid and my website associated aside from a link to an email confirmation page?

I guess I could add a button on the confirmation page which says ‘confirm’ as well - but that wouldn’t work if the user is logged out and is a bit clunky.

if you look at the link that is sent in the email, the page you specify is defined in the first part, ‘email_verify’, then there is the parameter ‘confirmation_email’ with the token value,

I suspect there is some hidden workflow that is managed by the bubble engine to deal with this. i have tested it with both a logged in user and a logged out user at it just works, and also changed the name of the page, it all just hooks up fine.

When you send the confirmation link via email using Sendgrid, does it look any different?

The URL associated with the button ‘Confirm Email’ is set by me -

The Sendgrid template was just a blank slate to begin with that I created - it’s not part of an official email confirmation workflow on their side.

Bubble workflow

I think you need to use the inbuilt workflows to generate the token etc. You can customise the email that is sent out in the settings pages. This should still send the email via the Sendgrid API if you have the key set.

If you wanted to avoid Bubble’s built-in system, I’d create another field for your own email confirmation that is yes/no. In the link that you send to users (your link with your confirmation page), include the user’s unique ID as a parameter. When the user then clicks on the button (regardless of them being logged in), make a change to the user that you pull from the unique ID parameter… search for users: first item > constraint on search: unique id = get parameter from url… your confirmation field = yes.


Gabby this sounds interesting - I’ll give it a shot.

Gaby, the email confirmed field is not accessible (writeable) from the workflow (from what I can see)…looks like you would have to step out of the bubble email management completely and do a bespoke.

To keep everything clean/robust/secure I would be inclined to stick with the bubble implementation and configure the sent email from the settings page.

This also main that if a user changes their email, it also automatically switches to email confirmed = no.

Right, I meant creating another field so that you could change it, but you do make a very good point re: security. He could add in some extra walls so that it’s not completely dependent on the single writable field. If the user changes their email within the app, then the new writable field is automatically changed to “no” and the user will need to confirm again. I mean, even with the Bubble way, anyone who gets a hold of the confirmation email, gets a hold of the account too. Same with reset_pw flows.

I think he could make it just as secure, if not more, just like you could fortify the Bubble system further. Perhaps maybe?

Dayum, I’ll stick to the Bubble engine for now.

Me want sexier emails :frowning:

1 Like

You can still customise the email that is sent. You can set this in the language settings tab.

1 Like

Yeah I’ve done that - plain text is boring, would have loved my Sendgrid template. Will use it in other transactional emails though.

Appreciate the help though!

I believe you can put html content in it. You can also upload images using the fileuploader and reference them as html img elements in the email back to their source on your app…

I am sure there is a thread in the forum somewhere on doing this.

1 Like

Have you guys figured out a way to make changes to a logged out user based on the built-in confirmation email token?

I tried going the path of a custom email that includes the user id and reads the parameter from the URL, but as you mentioned that is not secure, because anyone can play with the URL and activate other people’s profiles.

My user confirmation process entails confirming the email as well as activating the profile (and all the content user had created by that point). I know I could create a workflow after the login to Activate user only if email_confirmed is “yes”, but I’d like to do it when the confirmation link is clicked. Is that possible?

There are at least two ways to combat that:

  1. Generate a very long token
  2. The token expires at a reasonable amount of time

If you roll your own email verification, you can easily activate the account on confirmation since both actions require you to handle them (as opposed to Bubble’s built-in method).

Thank you @Scott. Can you quickly reference the elements and workflows used to generate a random token and set an expiration date on it?

Only thing I can think of at the moment is to generate any number of random token codes in Excel, upload them in the Token table in the app, then assign to email and user as they are requested. Set workflow to run every day to inactivate the tokens that were issued more than 24 hours ago (e.g.) and also make the token expire, once the link in the email has been clicked.