Activation
An activation is a time bound code used for user invitations, password resets, and claim grants. Activations provide a secure, expiring link that triggers a specific action when consumed.
How It Works
When an administrator invites a user or a user requests a password reset, the system generates an activation code. This code is sent to the user (typically by email) and expires after a set period. When the user follows the link and presents the code, Auth validates it and performs the associated action.
Properties
| Property | Purpose |
|---|---|
| Code | The unique activation identifier |
| Expiration | When the code becomes invalid |
| User | The user this activation is for |
| Claim | The claim to grant on activation (for invitations) |
| App | The application context for the activation |
Use Cases
| Scenario | What happens |
|---|---|
| User invitation | Admin invites a user, activation grants initial claims on use |
| Password reset | User requests reset, activation allows setting a new password |
| Claim grant | Activation assigns a specific claim when consumed |
Security
Activations are single use and expire automatically. Once consumed or expired, the code is no longer valid. The system tracks which activations have been used and by whom.