We would like to implement a rule that prevents a user with @GMAIL.COM email from signing up to our app using the Google social sign-up. We already have a rule that prevents it for the username/password signup.
The only caveat is that, we already have a bunch of users with GMAIL.COM accounts who are already registered in the product. We do not want to impact their experience and this should only impact the new users.
First of all, sorry for the last response, I hope that I will be able to help you with your problem. I understand you would like to prevent new signups from the Google social connection when the user’s email address ends with @GMAIL.COM.
To achieve this functionality, you can use Auth0 Actions. Actions allow you to extend the functionality of Auth0 by running custom code during the authentication and authorization process. Pre User Registration Flow
Your action will need to check before signup if the social connection is google-oauth2 and if the username email ends with @gmail.com
Sample code:
/**
* @param {Event} event - Details about registration event.
* @param {PreUserRegistrationAPI} api
*/
exports.onExecutePreUserRegistration = async (event, api) => {
const { email } = event.user.email;
if (event.connection === 'google-oauth2' && email && email.endsWith('@gmail.com')) {
return api.access.deny('Gmail sign-up is not allowed.');
}