[Bug]: Email Verification Link Is Timing Out Before The Set 24hrs With New Users

by ADMIN 81 views

Introduction

As a user of the ZITADEL Cloud, we have encountered a critical issue with the email verification process. The email verification link is timing out before the set 24-hour expiry period, causing inconvenience to new users. In this article, we will delve into the details of this bug, its impact, and potential solutions.

Preflight Checklist

Before we begin, let's ensure that we have covered all the necessary steps to troubleshoot this issue.

  • Documentation Check: We have thoroughly searched the ZITADEL documentation, existing issues, and discussions, but could not find a solution to this problem.
  • Community Support: We have not joined the ZITADEL chat yet, but we will do so to gather more information and potential solutions.

Environment

  • Cloud Provider: ZITADEL Cloud
  • Version: 2.54
  • Database: None
  • Database Version: No response

Describe the Problem Caused by this Bug

The email verification link is timing out before the set 24-hour expiry period, causing inconvenience to new users. This issue is critical as it prevents new users from verifying their email addresses, which is a necessary step to access the ZITADEL Cloud.

To Reproduce

To reproduce this issue, follow these steps:

  1. Create a new user account: Create a new user account on the ZITADEL Cloud.
  2. Click on the welcome email: Click on the welcome email sent by ZITADEL to the new user.
  3. Auto-code population: The auto-code should populate in the email.
  4. Verify the code expiry: Check the code expiry time, which should be set to 24 hours.
  5. Code expiry before 24 hours: The code should expire before the set 24-hour period.

Screenshots

Image: Email Verification Link Timing Out Before 24-Hour Expiry

Expected Behavior

The email verification link should not time out before the set 24-hour expiry period. New users should be able to verify their email addresses without any issues.

Operating System

No response

Relevant Configuration

No response

Additional Context

No response

Potential Solutions

Based on our research, we have identified a few potential solutions to this issue:

  1. Update the email verification link: Update the email verification link to use a more robust and secure method, such as a one-time password (OTP) or a secure token.
  2. Increase the code expiry time: Increase the code expiry time to a longer period, such as 48 hours or more.
  3. Implement a retry mechanism: Implement a retry mechanism that allows users to retry the email verification process if the link times out.

Conclusion

The email verification link timing out before the set 24-hour expiry period is a critical issue that needs to be addressed. We have identified a few potential solutions to this issue, and we recommend that the ZITADEL team implement these solutions to ensure a smooth user experience. We will continue to monitor this issue and provide updates as necessary.

Recommendations

Based on our research, we recommend that the ZITADEL team:

  1. Update the email verification link: Update the email verification link to use a more robust and secure method, such as a one-time password (OTP) or a secure token.
  2. Increase the code expiry time: Increase the code expiry time to a longer period, such as 48 hours or more.
  3. Implement a retry mechanism: Implement a retry mechanism that allows users to retry the email verification process if the link times out.

Next Steps

Introduction

In our previous article, we discussed the critical issue of the email verification link timing out before the set 24-hour expiry period with new users on the ZITADEL Cloud. In this article, we will provide a Q&A section to address some of the frequently asked questions related to this issue.

Q: What is the cause of the email verification link timing out before 24 hours?

A: The exact cause of the email verification link timing out before 24 hours is not clear. However, it is believed to be related to the way the email verification link is generated and sent to the user. The link may be expiring prematurely due to a technical issue or a configuration problem.

Q: How can I reproduce this issue?

A: To reproduce this issue, follow these steps:

  1. Create a new user account: Create a new user account on the ZITADEL Cloud.
  2. Click on the welcome email: Click on the welcome email sent by ZITADEL to the new user.
  3. Auto-code population: The auto-code should populate in the email.
  4. Verify the code expiry: Check the code expiry time, which should be set to 24 hours.
  5. Code expiry before 24 hours: The code should expire before the set 24-hour period.

Q: What are the potential solutions to this issue?

A: Based on our research, we have identified a few potential solutions to this issue:

  1. Update the email verification link: Update the email verification link to use a more robust and secure method, such as a one-time password (OTP) or a secure token.
  2. Increase the code expiry time: Increase the code expiry time to a longer period, such as 48 hours or more.
  3. Implement a retry mechanism: Implement a retry mechanism that allows users to retry the email verification process if the link times out.

Q: How can I prevent this issue from occurring in the future?

A: To prevent this issue from occurring in the future, we recommend that the ZITADEL team implement the potential solutions identified in this article. Additionally, users can take the following steps to prevent this issue:

  1. Check the email verification link: Before clicking on the email verification link, check the expiry time to ensure it has not expired.
  2. Retry the email verification process: If the email verification link times out, retry the process to ensure that the link has not expired.

Q: What is the impact of this issue on new users?

A: The impact of this issue on new users is significant. New users may experience frustration and inconvenience when trying to verify their email addresses. This issue may also lead to a decrease in user engagement and satisfaction.

Q: How can I provide feedback on this issue?

A: To provide feedback on this issue, please contact the ZITADEL support team or join the ZITADEL chat to discuss this issue with other users and the ZITADEL team.

Conclusion

The email verification link timing out before the set 24-hour expiry period is a critical issue that needs to be addressed. We hope that this Q&A section has provided valuable information and insights to users who are experiencing this issue. We will continue to monitor this issue and provide updates as necessary.