Admin API: Update user

[FlxMgdnz]

Expose functionality via the admin API to update user data.

• Add email
• Change primary email
• Delete email

Let's not touch passkeys and passwords for now.

[cayblood]

One thing we would want is an option for this API to automatically send a confirmation code to any new email addresses, with webhook notifications for email status (unconfirmed, confirmed).

[IAmRiteshKoushik]

Hey @FlxMgdnz , I would like to take up this issue. Could I get some directions on how to go about it ? Relevant files and folders perhaps ?

[FlxMgdnz]

One thing we would want is an option for this API to automatically send a confirmation code to any new email addresses, with webhook notifications for email status (unconfirmed, confirmed).

To refine this a bit more I'd like to understand what's the use case you want to support @cayblood ?

[cayblood]

The main concern is that if we can attach new emails to users programmatically, we need a way of making sure that the email we're attaching is valid. Otherwise we might change a user's email but set it to an email that cannot really receive mail. So having the API automatically verify any email addresses we want to add saves us the trouble of building a separate mechanism for doing something that Hanko has already implemented for other workflows.

[FlxMgdnz]

Got it, thanks @cayblood. So when adding an email address via admin API, there should be an option to trigger a verification email.

We'd need to implement a verification link for this non-user-initiated scenario though, as a passcode (what we currently do for email verification) won't work here.

We don't have webhooks yet either, but a webhook notification for when the verification happens seems reasonable. This would make sense as well for configurations where email verification is not required on account creation.

[cayblood]

I suppose it would be possible to implement this without built-in verification with the warning that developers are responsible for verifying any emails they add.

[FlxMgdnz]

That would keep things simple for now 👍🏼

We're tracking verification links in #1063. As soon as we have them we can think about adding them as an option to certain admin actions.

[proitconsult]

I'm also interested in this feature. I think it is a sensible trade-off to make sure the new email address has been validated in some way before using the API to update it on behalf of a user.

[shaneHowearth]

Hi

I have a couple of questions regarding the possible behaviour of this change.

If an email is deleted, and it's the primary email for a user, what is the expected behaviour (I'm expecting an error preventing the user from being left in a state where it does not have a primary account maybe? edit: After a good look at this I'm seeing that there is going to have to be a case where either two primary emails exist for the user or none, unless the change made is such that if the primary is deleted another must be nominated as primary in the same call - but even then there's a small chance that the user could end up in the bad state )

If an email is deleted from a user, and that leaves the user without any emails, what is the expected behaviour (I was thinking that an error stating that the user cannot be left without an email was appropriate)

If an email is nominated to be the primary email for the user, it clearly needs to be validated, so I'm wondering if the correct behaviour is to only elevate an already added email, that has been marked as verified, or is the expectation that the admin can add an email and make that the primary email in one fell swoop?

So, I guess I'm asking if the existing state of the user should be taken into account when changes are made, and what possible states are allowed to exist when an admin makes the changes.