We need to disable most the emailing Auth0 sends. We may use a Custom Emailer (on premise SMTP) linked to Auth0 yet this will only be to send the user initiated Password Resets. Non of the other emails are required. How do prevent Auth0 sending unwanted email types to our Custom Emailer?
Our scenario requires us to create batches of user accounts (1000+ accounts per batch) prior to activating the accounts. We will be managing sending out password activation emails using as part of the batch processing and scheduling. We do not require password verification and the only other email type we will be sending is password resets. We do not want Welcome, Blocked, or Password Breach emails sent to users. (The last two should be dealt with directly by our support and security teams, not the users and so sent to them. Specifying an alternative destination other than the user for these sould help though I notice it isn’t possible to override the To: field of emails in the API.)
The general goal is to send a single Welcome email with details regarding all the application relevant to our user, not just those integrated using Auth0. Password resets and other activities are to be managed internally by us.
We will also need to have Policy that blocks after a ceratin number (i.e. 5) multiple user initiated password resets within a given time period; i.e. 8 - 24 hours. If the user attempts more than this we need to send a email to the requiring them to contact the help desk to reset their account password after verbal verification of identity.
How are policies such as this configure in Auth0? Is this possible using Rules?