Auth0 Home Blog Docs

Get user password in post login rules

Is it possible to retreive user password in a auth0 rule?

function (user, context, callback) 

As rules receive the user, context objects neither of them have the password.

{

“clientID”: “123456789”,
“clientName”: “MyWebApp”,
“connection”: “MyDbConn”,
“connectionStrategy”: “auth0”,
“protocol”: “oidc-basic-profile”,
“request”: {
“query”: {
“scope”: “openid”
},
“body”: {

},
"userAgent": "Mozilla",
"ip": "X.X.X.X",
"geoip": {
  "country_code": "AR",
  "country_code3": "ARG",
  "country_name": "Argentina",
  "region": "08",
  "city": "Federal",
  "postal_code": "3180",
  "latitude": -30.954599380493164,
  "longitude": -58.78329849243164,
  "continent_code": "SA",
  "time_zone": "America"
}

},
“samlConfiguration”: {

},
“stats”: {
“loginsCount”: 5
},
“accessToken”: {

},
“idToken”: {

}
}

Should the password be be set in the database connection and retrieved in the rule?

I can’t say for 100% certainly, but I would wager on Auth0’s culture, and obviously security reasons, that you can’t do that. Why are you trying to obtain their password?

1 Like

Hey there @auth0auth!

It’s not doable to retrieve user password with rules. All the things you have access to using rules are listed here:

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.