Dasboard / Connections / Passwordless / Email / Settings disable sign ups not working

Hi
I have seen a few people having the same issue. I dont want people to sign up just by entering an email as I need to collect further information (by asking users to sign up as a subscriber to wordpress)
But if a visitor goes to log in page they can simply sign up by entering their email.
How can I stop this please?
I m evaluating the product at the moment and I think this is a major bug going back to 2019.
Not sure if there is a workaround?

Many thanks

Hi @ciobotanicolae,

Welcome to the Auth0 Community!

I understand that you are looking to disable sign-ups for your Passwordless Email Connection.

To do so, you will need to navigate to your Auth0 Dashboard > Authentication > Passwordless > Email and switch on the Disable Signups toggle at the bottom of the settings. Please don’t forget to press the Save button. See below.

After this is complete, your application will not allow users to sign up using Passwordless Email.

Please let me know if you have any further questions. I’d be happy to help.

Thank you.

1 Like

Hello Rueben,

Thank you very much. I did exactly that but is not working.
Please check here:
live-stage.co.uk/wp-admin

By entering any email address a new user is created and I dont want this I want to have a custom registration form I created.
Please see my settings bellow and I also disable sign ups in db connections.

Kind regards

1 Like

It is working now. My bad I should have cleared the cache. I am using the passwordless connection not the database connection but the users I add to wordpress cant log in. What I dont understand is how to set up custom fields to the sign up form for the passwordless lock form. It only asks for an emai.
If I disable the sign up and register the user on wordpress is not getting added to the auth0 dashboard / email connections. So the user is unable to log in.
I would like to collect more information if the user does not exist and cant work out how.

1 Like

I have found my own solution but I hope is the code is Ok like this?

I created a rule in the dashboard with this code:

function (user, context, callback) {
const namespace = ‘https://live-stage.co.uk/’;
const userType = context.stats && context.stats.loginsCount === 1 ? ‘new’ : ‘existing’;
context.idToken[${namespace}userType] = userType;
if (userType === ‘new’) {
context.redirect = {
url: “https://live-stage.co.uk/collect-data
};
}
return callback(null, user, context);
}

Now when the user sign up first time they will be taken to my form. After that they will be directed to the regular site.

I m not sure my code is good though so any pointers would be much appreciated.

I tried it and it works.

Hi @ciobotanicolae,

Thank you for your response.

After reviewing your Rule carefully, I found it to be a valid approach :clap:!

One thing to note is that once your user redirects back to the /continue endpoint to resume the authentication transaction, all the Rules will execute again except for the redirect Rule.

To distinguish between user-initiated logins and resumed login flows, you will need to check the context.protocol property. For example:

function (user, context, callback) {
    if (context.protocol === "redirect-callback") {
        // User was redirected to the /continue endpoint
    } else {
        // User is logging in directly
    }
}

See our Redirect Users from Within Rules documentation to learn more.

Please let me know if there’s anything else I can do to help.

Thank you.

Hi Rueben

Thank you. I couldnt work out the code to include the context.protocol and the redirect was no longer working. It worked with my code.
Is there an example of how to add the context/protocol to my code?
I am very new to auth0 and what I need to do is force people to complete their profile on wordpress before accessing the site.

Many thanks

1 Like

Hi @ciobotanicolae,

Thank you for your response.

Firstly, you will want to include the context.protocol in your other Rules to prevent them from being executed again after the user has redirected to the /login endpoint. Note that the context.redirect will be ignored to allow authentication to continue.

In this case, let’s say there is an existing Rule to add user_metadata then there is the option to do the following to avoid the Rule triggering twice:

function (user, context, callback) {
    if (context.protocol === "redirect-callback") { 
        // User was redirected to the /continue endpoint
        // Pass do nothing
        return callback(null, user, context);
    } else {
        // User is logging in directly
        // Update the user_metadata 
        user.user_metadata.preferences = user.user_metadata.preferences || {};
        user.user_metadata.preferences.fontSize = 12;

        // persist the user_metadata update
        auth0.users.updateUserMetadata(user.user_id, user.user_metadata)
            .then(function(){
            callback(null, user, context);
            })
            .catch(function(err){
            callback(err);
            });
    }
}

Lastly, have you gotten a chance to see our documentation detailing How to start redirect and resume authentication with Rules?

Thank you.