Custom database: signup returns vague error when user already exists

I’m using a “custom database” connection and have implemented all the action scripts. Everything works fine, except for one thing. If a user tries to sign up, but already exists in my external system, they will get a vague error like “an error occurred during signup”. This is very confusing and I want them to know that they already have an account.

I know that the signup process first calls the getUser script to check if the user exists. My getUser properly finds the user and returns a user profile. The create script doesn’t even get called, so I can’t return the proper new ValidationError("user_exists", "...") exception. I know really know what I can do.

Can anyone help me?

Hi @martinmaillard,

Welcome to the Auth0 Community!

I understand that your users are seeing a vague error whenever they attempt to sign up but already exist in your Custom Database and would like to inform your users that they already have an account.

Before we continue, I’d like to emphasize that the error message is purposefully designed to be vague to not give away any clues that the email address or user already exists. Having an error message that reveals information about the email address or user’s existence would expose the application to user enumeration. More on that detailed in this Community Post.

Now, you can change the sign-up error message and it’s up to your discretion, but I’d recommend being as conservative as possible with the custom error message to avoid any security risks.

To customize the sign-up error message, you’ll need to go to your Universal Login Page and modify the Language Dictionary Object in the Lock Configuration Options.

Something like the following:

var lock = new Auth0Lock(config.clientID, config.auth0Domain, {
    languageDictionary: {
        error:{
            signUp: {
            'lock.fallback': "We're sorry, something went wrong when attempting to sign up.",
            }
        }
    },
    ... 
    // Redacted for brevity

Hoped this helps!

Please let me know if there are any further questions. I’d be happy to help.

Thank you.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.