Get information of the blocked user

Hi folks, I would like to add a check for user status before login for users who were enrolled outside Auth0 to the system. But based on my research I found there are no ways to add a check until the login process is completed. I found that if the user is blocked and if that user makes an attempt to login to the application, the user is redirected back to the application with the error message: user is blocked. Is it possible to get some user detail like email in the application with the error message?

Hi @SujayPrabhu96,

Thanks for reaching out to the Auth0 Community!

There isn’t any way to bubble up to email address to the application with the error message.

However, one solution I can think of is to use the Management API’s Search log events endpoint to filter your logs for the limit_wc event type code which is the event for blocked accounts.

In these logs, you should be able to see all the details about the blocked event, including the email address, error message, and more.

Does that help?

Thanks,
Rueben

Hi @rueben.tiow Thank you for the reply.

However, one solution I can think of is to use the Management API’s Get blocks by identifier endpoint to get the list of blocked users for a particular connection type. From here, you can get the email address of that user.

How can I get the email address of the user who tried to login? Because if the user is blocked and if he tries logging in, we get only the error message without any user specific information.
If there is no way to get the user info, I might have to hit the Search log events API along with user IP as search parameter to get the info of the user who tried to login

Hi @SujayPrabhu96,

Thank you for your reply.

I have made some edits to my previous post. After checking further, I found that the only possible way to get the information of the blocked user is to use the Management API’s Search log events endpoint.

I understand that it will require some uplift on your part, but this would be the current workaround to accomplish this behavior.

Let me also add that we have the Add endpoint to get a list of blocked users from brute force protection feedback request already being tracked in the Community. I recommend upvoting on this feedback so that it gets prioritized sooner based on the number of upvotes.

Please let me know if there’s anything else I can do to help.

Thanks,
Rueben

Sure @rueben.tiow . Thanks for your info. I will try it out using Search log API

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.