I want to prevent users to log in without email verified.
I have added the Login authorization flow, how shared in this example: Force email verification using Actions
Unfortunately, this does not work for my Learnworlds website.
Other Angular application that has integration with Auth0 works, and login is prevented. But for Learnworld website integrated with SAML - user still able to log in
What could be the issue?
And one more thing… for Angular application, when access to login is denied, there is no error message displayed or something about why user not able to log in. So this is a confusing for the user, what the user should do next.
I just checked your tenant settings and found that you have created the “Confirm Email is Verified” action script but did not bind it to the Post-Login flow.
Please attach the action to the flow and save your changes.
Once that’s done, your Action script should work correctly.
@rueben.tiow
I have tested it one more time and I see what happens…
So when the user signs up - Auth0 redirects back to the homepage.
If the user try to Log In and the email not verified - the user redirected to the homepage again as an unauthorized user.
Unfortunately, this functionality is very confusing for the user, because to the user it looks like Sign In functionality is just broken because no error message is displayed for example that “Need to verify email” or something. Auth0 just redirects the user back to the homepage