Two step authentication


New to Knack.

Has anyone setup a typical two-step authentication process, where when a user:

 - Fills out registration form

 - Sees a page that says an e-mail is sent

 - Receives an e-mail to confirm their e-mail address

 - Clicks a link in their e-mail to confirm

 - Is redirected to a specific page

Or something similar?

I've been trying to implement this too. I've written javascript that updates the User Status to 'active' when the user clicks on an emailed link, but the subsequent Log In attempt fails with an 'account not active' error - ie as if the User Status were still 'inactive'. Can anyone suggest what I'm missing here?

Awesome.  Thank you!

Hi Greg

Although I haven't done this myself yet, I'm pretty certain it can be done without Javascript...

  1. On the sign up page set the User Status to Inactive and send the person an email linking to a public (i.e. not secured) page which opens the person's record (without showing any fields necessarily) with a Submit button saying something like "Confirm use status..."
  2. This has a record rule which updates the User Status back to "active" again and a submit rule which sends the user to the main home page for the app. At this point they will be asked to log in.
  3. It may be useful to also send the user another email to confirm and with a URL for the main app home page.

I'm pretty sure this will work and that it's secure (to load the confirm page you would need the ID of someone's record and the page wouldn't show any data anyway). Of course this edit page would have to be linked to a table and you also need to make sure that this doesn't display any data (just remove all the fields).

Does this help??

No this can be done using custom JavaScript 


Did you have Knack trigger the e-mail and the custom link?

Or did you use the api for that...

Hello Greg,


Yes i have done this. Like you need to create a form when user fill form then by default make status is inactive and send mail.


When user click on link in email then you can trigger a API to update it's status to active .



Sunny Singla