Auth0 Home Blog Docs

CORS login via auth0-js.login() - does not send "rules" errors to callback

CORS login via auth0-js.login() - does not send “rules” errors to callback

Hi,
i use auth0-hjs CORS login

  auth.login(
    {
      realm: process.env.AUTH0_CONNECTION,
      username,
      password,
      state,
    },
    callback
  );

the problem is that if i have a Rules like “force email verification” on my dashboard,
i cannot get the error “please verify email” in this callback, instead, CORS login went ok,
i have to “get” the error on NEXT redirect to my /callback .

Instead others errors, like Username or email not valid are ok on the callback, without handle redirection!

I believe if you explicitly want to send this error back, you can achieve this by checking this property in rule and return error if email_verified flag is false.

of course i already have the custom rules on api dashboard for email verification

function (user, context, callback) {
if (!user.email_verified) {
return callback(new UnauthorizedError(‘Please verify your email before logging in.’));
} else {
return callback(null, user, context);
}
}

the probelm is that when you login via auth0-js CORS login, this error isn’t notified on login callback event, but only on next “redirect” to /callback url.!