Exclude unverified email from duplicate checks

If a user attempts to sign up using an email address that is already registered, “The user already exists.” error will occur and the signup will fail.

I want to exclude unverified email accounts (pending account) from duplicate checks.

If a signup uses an email address that matches an existing pending account, I want the new signup to be successful and the existing pending account to be deleted (or overwritten).

What are the possible solutions for this?

Hi @t.fukao

Welcome back to the Auth0 Community!

Thank you for posting your question, unfortunately this flow won’t be possible as Auth0 will decline the signup process before triggering any Action if the email address already exists. On the other hand I wouldn’t recommend this approach as it allows attackers for exploiting this flow.

Thanks
Dawid

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.