after signing up a user via kratos, I call the UpdateIdentity API to "link" the user with our internal account database. However, when the user then goes to verify their email, the link never works, seemingly because calling the UpdateIdentity API creates a different verification flow? has anyone worked around this before?

• user signs up • UpdateIdentity to add some metadata to profile from internal acc db • user begins verification flow (is this before or after UpdateIdentity?) is that correct? Not 100% sure but I think if you update the identity you would have to restart the verification flow.

@magnificent-energy-493 my understanding is: 1. user signs up, which triggers a "verify your email address" email from kratos 2. the user is redirected to our custom "sign up success" page, which allows us to trigger the

UpdateIdentity

call. ideally, we'd either wait on sending out the verification email until after the

UpdateIdentity

, or figure out how to update the identity without needing a new verification flow. does that make sense? It doesn't seem great that the original verification email that's sent during sign up doesn't work.

Could this work @cold-printer-58923: 1. user signs up, which triggers a “verify your email address” email from kratos 2. user goes through the verification flow 3. post verification redirect goes through your custom “sign up success” page, triggering the

UpdateIdentity

call https://www.ory.sh/kratos/docs/concepts/browser-redirect-flow-completion/#post-verification-redirection This way you could use the original verification email sent out.

hi @magnificent-energy-493; sorry to pop this back up again, but I'm not sure that would work for our usecase. out of curiosity, is there any way that we can update the identity without invalidating the verification link?

Hey Stefan no problem, glad you found this thread again. Could I propose you create a github discussion for it, since I am out of my depth at this point and we can get some more eyes on it that way. Also we dont run the risk of losing the thread for good, that is always an issue with longer-running discussions on Slack 😅 You can just copy your original question from here and I add my proposal and we will get some more answers in the course of next week. That sound good?

hi - sorry again, spent some time over the weekend thinking about the issue and I think I have a workaround for the issue. I will open up a discussion on the forums if I run into further problems - thanks @magnificent-energy-493!

Awesome, that is great to hear Stefan. Thanks for following up and if your solution is not documented, it might be helpful for others - what do you think? If you are up to it, we can find a good spot in the docs, and you will get some Ory swag as thank you 🙂 (if it is your first contribution that is)

hah - it's pretty much what you suggested. we are reworking our flows to force users to verify their email before using the rest of the site ... which means that after the verification, we can do the remainder of the housekeeping we need to "fully" create their accounts.