Error 'Something Went Wrong' when user tries to register an already registered email address

Hi,

I have come across an issue where if a user registers themselves first and then goes back to the registration page and uses the same email address, it comes up with ‘Something went wrong’.

Shouldn’t it ideally say that this user is already registered? Or am I missing something here?

Thanks
Saj

Hi @sajith.jayaratne,

Welcome to the Auth0 Community!

The “Something went wrong” error is the expected behavior since revealing that a “user already exists” may allow a malicious actor to infer that the account actually exists and target that specific account knowing that it’s valid. Because of this, we strongly recommend using a generic error for the public signup error message.

Please check out this Community Topic that explains this in more depth:

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.