Thanks for following up on this and sharing your solution in another thread - To clarify (This is regarding New Universal Login), it is possible to show a custom error message to a user via a pre user registration action, using api.access.deny(reason, userMessage). It is not possible to show a similar custom error message via a post login action - Instead the reason provided in api.access.deny(reason) is included as a query param at the url the user is redirected back to.