Customer User Activation

This document defines the rules governing the onboarding workflow of a Customer User, including eligibility conditions, activation emails, and activation behavior.

🔎 Overview

A Customer User can be created through different channels:

  • From a storefront
  • From the back office
  • Through data import
  • Through API

Regardless of the creation channel, a Customer User is not necessarily activated upon creation. Activation depends on a defined set of conditions.

💡

A Customer User is defined by:

  • A status. A Customer User can have one of the following statuses: INACTIVE, WAITING_ACTIVATION, ACTIVE
  • A password. A Customer User may or may not have a password
  • An Account. A Customer User must be associated with at least one Account and may be associated with multiple Accounts.

🧠 Activation rules

A Customer User must complete its activation through the email received during the onboarding process.

The email is triggered when one of the following events occurs and the Customer User satisfies the required status and password conditions:

  • The Customer User is associated with an Account in status ACTIVE.
  • An associated Account changes status from INACTIVE to ACTIVE.
  • An associated Account changes status from WAITING_APPROBATION to ACTIVE.

The required status and password condition is:

  • The Customer User is in status WAITING_ACTIVATION, or the Customer User is in status ACTIVE and does not have a password.

💡

Email Sending Restriction

If a Customer User is already associated with at least one Account in status ACTIVE, no additional onboarding email is sent when:

  • The User is linked to another Account in status ACTIVE.
  • Another associated Account changes status from INACTIVE to ACTIVE.

📨 Email

Template

The onboarding workflow uses the email template: “First user on creating an account”

Recipient

The email is sent to the email address defined on the Customer User.

Email variable

The email contains the variable: activateUserUrl

This link allows the Customer User to complete the activation process.

Link behavior

The behavior of activateUserUrl depends on the password state of the Customer User.

  • When the Customer User has a password, the link triggers the activation of the Customer User.
  • When the Customer User has no password, the link triggers the password creation flow and activates the Customer User upon successful validation.

flowchart LR

A[Customer User Creation] --> C{Is there an associated Account ACTIVE?}

C -->|No| Z[No email sent]
C -->|Yes| D{Does the User have a password?}

D -->|Yes| E{Is the User status WAITING_ACTIVATION?}
D -->|No| G{Is the User status WAITING_ACTIVATION or ACTIVE?}

E -->|Yes| F[Send onboarding email with activation link]
E -->|No| Z

G -->|Yes| H[Send onboarding email with creation password link]
G -->|No| Z
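
The flowchart and the email sending restriction above, written as a small Python model that can serve as a regression check on who receives an activation link. This is an added example, not the product's code; the function names, the link-type strings and the sample account ids are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional


class Status(Enum):
    INACTIVE = "INACTIVE"
    WAITING_ACTIVATION = "WAITING_ACTIVATION"
    ACTIVE = "ACTIVE"


@dataclass
class CustomerUser:
    status: Status
    has_password: bool
    # account id -> Account status string (constructed sample data)
    accounts: dict = field(default_factory=dict)

    def active_accounts(self) -> int:
        return sum(1 for s in self.accounts.values() if s == "ACTIVE")


def email_for(user: CustomerUser) -> Optional[str]:
    """State check from the flowchart; returns a hypothetical link type or None."""
    if user.active_accounts() == 0:
        return None  # no associated ACTIVE Account: no email
    if user.has_password:
        return "ACTIVATION_LINK" if user.status is Status.WAITING_ACTIVATION else None
    if user.status in (Status.WAITING_ACTIVATION, Status.ACTIVE):
        return "PASSWORD_CREATION_LINK"
    return None  # INACTIVE users never receive a link


def set_account_status(user: CustomerUser, account_id: str, new_status: str) -> Optional[str]:
    """Link an Account or change its status, then decide which email to send.

    Sending restriction: only the change that gives the user a first ACTIVE
    Account can trigger the email; further ACTIVE Accounts send nothing.
    """
    had_active = user.active_accounts() > 0
    user.accounts[account_id] = new_status
    if had_active or user.active_accounts() == 0:
        return None
    return email_for(user)
```
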

🔑 Activation via Reset Password

When a Customer User resets their password using POST /auth/reset-password, the system can automatically activate the user under certain conditions.

How it works

If the Customer User is in status WAITING_ACTIVATION and sets a password for the first time, the system checks the following activation conditions:

  • For a USER (non-operator):

    • The user must be in status WAITING_ACTIVATION or ACTIVE
    • The user must be associated with at least one active Account
  • For an OPERATOR:

    • The user must be active (standard existing behavior)

If conditions are met, the user is automatically activated.

Response: activationResult

The POST /auth/reset-password endpoint returns a new field activationResult indicating the outcome of the activation attempt:

| Value | Meaning |
|---|---|
| ACTIVATED | The user has just been activated as part of this reset |
| ALREADY_ACTIVE | The user was already in ACTIVE status |
| NOT_ACTIVATED | The activation validations failed (e.g., no active Account) — the user remains in WAITING_ACTIVATION |

⚠️

If the reset password request itself fails (expired token, invalid password), the standard error response is returned without the activationResult field.

Example Response

{
  "activationResult": "ACTIVATED"
}

Tip: If a Customer User's activation email token has expired, they can request a new password reset. The system will re-evaluate the activation conditions at that time.

