I want to set up a Pre-Registration Action which checks if the user is coming from an invitation into an organization or has been trying to sign up manually. If they were not invited, the registration should be denied.
In our setup we have organizations into which users can be invited. Personal sign-ups, without being in an organization, are not allowed.
I was able to hide the Sign-Up button in the New Universal Login flow by setting the button to an empty string so the user can’t click on it (hacky…). However, the button still exists so by going into the browser’s developer console they can find the button and get into the signup flow.
I know that it’s possible to disable individual users to sign up and only allow “Business Users” in the settings of an application in the Auth0 dashboard.
So when an individual user tries to sign up without being invited to an organization, Auth0 responds with an error BUT the user is still created which can be seen in the dashboard under User Management → Users.
That’s what we want to prevent.
To do so, I would like to check in the Pre-Registration Action was invited or if they tried to sign up arbitrarily.
It would be great to get some insights and tips on how to realize this.