Can I prevent user from receiving a e-mail code in a rule?

I am using passwordless email, with sign-up enabled.

Is it possible, for example using rules, to prevent certain e-mails/domains from receiving a one-time code?

Currently, everyone who visits the sign-up can provide their e-mail, then a one-time code, and first after this can I validate the user with rules :man_shrugging:t4:

Motivation:
Preventing sign-up for certain domains.

Hi @alexab,

You can prevent passwordless signups for particular domains by using the Pre-User Registration Hook:

https://auth0.com/docs/hooks/extensibility-points/pre-user-registration

As an example:

module.exports = function (user, context, cb) {
  var response = {};

  response.user = user;

    const pos = user.email.search('@'); // get position of domain
    var domainName = '';
    if (pos > 0) {
       domainName = user.email.slice(pos); // get domain name
    }

  if (domainName === "@disalloweddomain.com" ) {
    cb('Invalid Signup.', response);
  }

  cb(null, response);
};
2 Likes

Hi @andy.carter - that’s amazing. I had the impression that the pre-user-registration hook was not enabled for passwordless, but no :rocket:

I will implement this soon, and share any feedback here :raised_hands:t5:

1 Like

Sure! Let us know once you have a chance to test it!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.