Calling getUsersByEmail in a post-login trigger?

Carbon · August 1, 2025, 4:55pm

We are trying to prevent users from creating duplicate accounts for the same email address (auth0 vs SSO).

It’s possible to prevent an auth0 provider account in the pre-registration Trigger by looking up existing users with the same email address using the ManagementClient. The auth0 ManagementClient appears to be available by default here, we didn’t even need to add it as a dependency.

This same approach does not appear to work in the post-login Trigger. First off it throws an error if we don’t add auth0 as a dependency. But even if we do, it throws an error saying that getUsersByEmail is not available even though the API specs say it should be available. Is it blocked in this Trigger?

The solution we are trying to implement is:

When a user logs in with SSO for the first time (based on login_count)
Check if an account exists already for the auth0 provider
If it exists and the account is not email_verified = true then reject the login and ask them to login with username and password
If it exists and the account is email_verified = true then go ahead and auto-link the account so they share the same id.

Is this possible?

remus.ivan · August 14, 2025, 3:38pm

Hi @Carbon,

Welcome to the Auth0 Community and sorry for the late response!
Moved this post over to the Help Category in order to receive proper assistance.

Your desired implementation is definitely possible. A similar issue was already raised here, so you can check out this community post which will explain how to achieve this.

In a Post-Login Action you’ll also have to initialize the ManagementClient, such as:

const management = new ManagementClient({
      domain: event.secrets.domain,
      clientId: event.secrets.clientId,
      clientSecret: event.secrets.clientSecret,
  });

and retrieve the response:

const existingUsers = await api.management.usersByEmail.getByEmail({ email: event.user.email });

You can also check out this pages as well:

Then you should be able to achieve your desired flow by denying access and Linking User Accounts.

Thanks,
Remus

system · August 28, 2025, 3:38pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need to block user from signup and login if the user does not exist already Get Help user-management , account-linking	0	562	December 13, 2023
Validate and Block Social Login If User Email Address already exists and not verified Get Help extensions , auth0-authorization	2	3069	December 16, 2022
Earliest point a social login may be linked & preventing duplicate linking attempts Get Help auth0 , social-connections , account-linking , actions	0	1837	May 24, 2022
How to prevent users that doesn't have an previous registered email to connect with social? Get Help user-management , account-linking	2	866	September 8, 2023
Login Flow Action Error with not created email Get Help login-experience , new-universal-login-experience	2	785	July 31, 2023

Calling getUsersByEmail in a post-login trigger?

Related topics