Allow user to sign in, but still require email confirmation
Is it possible to have users to sign up, go through an onboarding flow authenticated and update their own data, but then still require them to confirm their email to gain full access (or whatever access is defined in policies) later?
As I understand, right now you either have to
As I understand, right now you either have to
- enable email confirmation and user can't authenticate until email is confirmed, so onboarding blocked for the moment
OR - disable email confirmation, and, well, it's disabled then and open for spam accounts
