For invited users, Softr suggests using the ‘User Profile’ block to create a password. Unfortunately the user journey is confusing and inappropriate with this block, because it is not designed for on-boarding new users. In fact, Softr’s docs say that once the user enters the app from a magic link they can change their password later, but there is no mention of how or what that configuration looks like.
For instance, when an invited user lands on a ‘User profile’ block to create a password, the ‘Old password’ field is still there. Invited users have never created a password up to this point in the user journey.
Please deploy a solution that takes into account password creation for invited users. Until this happens, I’m afraid the recommended solution may cause unnecessary friction for new users and is therefore insufficient for on-boarding.
Thanks for the directions @Maria. What you described is what I had intended for on-boarding users. However, if the code doesn’t work over time, which is what happened, it is a problem. So rather than rely on a workaround for this critical part of the user journey, why not provide a better solution?
If implementing a solution is dependent on the demand for it, perhaps the lack of adoption of the User Profile block for on-boarding is because it is not an ideal block for this scenario in the first place. I have ideas for improving this scenario so builders can have the capacity to on-board invited users effectively. Please let me know if you’re interested.
I’m really hoping Softr takes another look at the entire user auth process. There’s no native 2FA option so if I wanted to implement that today (a lot of our large clients require it) I would have to use an external SSO provider.
I was told that after 30-90 days, logged in users are automatically logged out.
I haven’t used this, since I’m not having much luck with the durability of custom codes, but this was also suggested for inactive users:
you import them with their email address, and then direct them to the reset/forgot password page. tell your user to click the reset password using their email address on file and it will send them an email with a link to set a new/current password. that’s what we did.
Sounds like it will work amira, for “imported” users. Invited users, from Softr’s invite email, would land on your “forgot” password page from their email, only to be redirected back to their email, to then link back to the “Reset” password page. That’s a lot of redirection.