Hello.
I want to let our customers use their social accounts (gmail, twitter) to login to a new platform I’m building.
My question is about the registration process. How can I force some approval stage before they can effectively login? I know there are hooks (pre-user-registration and post-user registration), but the docs says they are only available for database and passworless connection.
This is what I want to achieve:
There is a way to make your request happen, creating a rule that verifies if the user’s app_metadata.verified value is set to true. This is a value that you’ll have to set manually for each user you want to allow logins for.
To discern your database users from your social users you can leverage the context object in rules which contains the context.connection value.
You can access your user’s app_metadata by going to Users & Roles > Users > Select an user > Details
About sending emails to the users, we do not manage an email service for custom actions not previously supported. That is something you would have to do manually.