Email validation rules, please make them public knowledge

jesse2 · August 16, 2019, 2:04am

During signup, the lock form does some email validation:

image%20(13)

Other parts of our system also validate emails and we want to provide a consistent experience across our whole app regarding email rules.

What are the exact rules Auth0 uses for this field? Or the regex used?

konrad.sopala · August 16, 2019, 6:56am

Hey there @jesse2!

Not sure about that but let me do the research and get back to you soon!

jesse2 · August 28, 2019, 4:31am

Thanks @konrad.sopala
Did you find anything yet?

konrad.sopala · October 3, 2019, 10:10am

Hey there @jesse2!

I was told by our engineering team that we do have no doc on the rules we use in Lock for validating those fields. The only source of knowledge for that is to inspect Lock source code.

jesse2 · October 3, 2019, 11:06pm

Thanks for the suggestion. I believe I’ve found it here:

github.com

auth0/lock/blob/4aaefa4a9ed00423e665e0743a7b0a952c6a267d/src/field/email.js#L7


      
          import trim from 'trim';
          import { setField } from './index';
          import { endsWith } from '../utils/string_utils';
          import { isHRDEmailValid } from '../connection/enterprise';
          import * as i18n from '../i18n';
          
          
const regExp = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
          
          
export function validateEmail(str) {
            return isEmail(str);
          }
          
          
export function isEmail(str) {
            const result = regExp.exec(trim(str.toLowerCase()));
            return !!result && result[0] !== null;
          }

const regExp = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;

konrad.sopala · October 4, 2019, 6:02am

Thanks a lot for sharing that with the rest of community!

jr.willett · January 26, 2021, 6:41am

This topic now contains incorrect information: Email validation rules, please make them public knowledge

Auth0 used to use the regex shown, but they have since switched to using isEmail from the npmjs validator package.

Unfortunately the topic was closed so I can no longer reply and correct the misinformation. Please update the topic with correct info.

stephanie.chamblee · January 26, 2021, 12:49pm

Thank you @jr.willett! I have moved your post to this topic so that others will know that isEmail from the validator package is what Auth0 uses now.

Topic		Replies	Views
Auth0 email validation policy Help auth0	2	3141	October 7, 2022
Email regex verification Help auth0 , email , regex	2	5727	August 5, 2019
Email Validation in Auth0 Lock Form Help auth0 , auth0-lock , email-validation	1	2306	January 10, 2022
Invalid chars in email on signup Help signup , email-verification	5	2648	September 24, 2020
Email Validation Policy Help email-verification , user-management	2	45	August 30, 2024

Email validation rules, please make them public knowledge

Related topics