Cannot customize user_blocked message in Auth0 lock

Yes, this is identical to this previous issue which was unanswered: User_blocked message not showing Auth0 lock.

I will answer the questions from that previous thread:

Are you using your universal login page or are you hosting lock on your web page?

hosted, using the Auth0.js library

How is the user getting blocked? Are they getting blocked by someone blocking them from the management API or the manage dashboard, or are they getting blocked because they are doing too many login attempts?

Blocking them via management UI

What is the current behavior? Are you getting an error message sent to your redirect_uri instead of the error in lock?

I’m seeing the message “Blocked User.” in the lock widget. I’ve configured the languageDictionary exactly as the linked issue did…

languageDictionary: {
    error: {
      login: {
        'blocked_user': "custom user is blocked"
      },
    }
  },

I cannot reproduce this issue when using embedded login (with Lock) and an updated language dictionary.

You mention that you’re hosting in your web page, but then you mention you use Auth0.js library. If you use Auth0.js library just to start a login through universal login then this is not embedded/hosted Lock scenario.

Have in mind that even a flow through universal login may display/use the Lock widget to perform the login, but in that case Lock is being used within universal login itself and things are different.

You should clarify in which domain is Lock being used (if it’s the tenant/custom domain then it is universal login); only if Lock is being shown directly in the domain the client application is hosted at would this be an embedded login scenario where Lock could indeed be used to handle that user blocked scenario.

If you use Auth0.js library just to start a login through universal login then this is not embedded/hosted Lock scenario.

We’re using the auth0-lock (https://auth0.com/docs/libraries/lock/v11). I’m not sure if that helps or not.

You should clarify in which domain is Lock being used

What’s happening is that it’s issuing a POST https://trinetx.auth0.com/co/authenticate and getting back a 403 status with the response body of {"error":"blocked_user","error_description":"Blocked user."}. This is being displayed on the UI like this: https://imgur.com/G2HYyrq. I still haven’t been able to customize this message via the javascript languageDictionary object

Is the application that is experiencing the issue available in a public link? Or alternatively can you deploy a sample application where you reproduce the issue? It would be useful to check the full code.

I am working on getting this deployed to our public site. I will get back to you about this in about a week

Waiting for the info then!