Blocking Users in Bulk

travis.evers · August 27, 2024, 8:45pm

Overview

This article describes whether it is possible to prevent a large number of users from authenticating.

Applies To

Authentication
Post-Login Action
Blocked

Solution

While there is no out-of-the-box way to block a set of users in bulk, it is possible to use a post-login action that can deny authentication based on specific criteria from the user profile.

For example, to block all users who have blocked set to true in their app_metadata the following example should be reviewed:

exports.onExecutePostLogin = async (event, api) => {
 if (event.user.app_metadata.blocked) {
   api.access.deny("Blocked");
 }
}

Topic		Replies	Views
Block users on bulk creation Help user-creation , blocking	3	5194	August 16, 2019
Bulk editing users through Management API Help	4	3393	December 24, 2021
How to bulk unblock users from Brute-force Protection? Knowledge Articles brute-force , attack-protection , brute-force-protection	1	2544	July 28, 2022
Post Login Action : How to know if the user is blocked Help login-experience , new-universal-login-experience	2	572	February 23, 2024
Know if a user is blocked by brute force protection Help lock , auth0 , rules , login , blocked-account , block	4	3624	January 25, 2023

Blocking Users in Bulk

Overview

Applies To

Solution

Related topics