Can I force login to fail if the user lacks a property in app_metadata?

I’m using app_metadata to store users’ permissions within my app. What I’d like to do is force the login (using universal login) to fail if the user lacks a particular property within that meta data.

If this isn’t possible, I can just show an error screen after they login, but preferable would be that login fails.

Is this possible at all? Many thanks!

Hi @kkrp1,

Thanks for reaching out to the Auth0 Community!

Yes, it should be possible to deny a user access based on a property in their app_metadata.

Here is an example you can use and adapt to your scenario:

 * @param {Event} event - Details about the user and the context in which they are logging in.
 * @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
exports.onExecutePostLogin = async (event, api) => {
  if (event.user.app_metadata.color !== 'blue') {
    api.access.deny(`Access to ${} is not allowed.`);

Please let me know if there’s anything else I can do to help.


Thanks Rueben! That looks perfect.

Additionally, you replied to another post of mine, whos existence I promptly forgot about, and by the time I remembered the post had auto-closed so I couldn’t reply to say thanks. Apologies!

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.