How can I authorize a post-registration action to access a protected endpoint?

I have created a custom action for adding a user to my app’s database after they register via Auth0. That is currently working, with my app’s endpoint being called and the user being created.

However, I need to protect this endpoint in my app so that I only accept requests from the above action.

I am using a Next JS App and the API endpoint is part of the same app to which the user is registering. How can I authorize the post-registration action to have access to this protected endpoint?

For reference, this is the action and corresponding endpoint:

Custom action, triggered after user signs up

const axios = require("axios");

exports.onExecutePostUserRegistration = async (event, api) => {    
    await"<API URL>/api/users/new", { email: });

Receiving Next JS API Endpoint that needs to be protected

I need to protect this endpoint so that it only accepts requests from the above action.

async function handler(req: NextApiRequest, res: NextApiResponse<Data>) {
  const email =;

  if (!email) {
    res.status(400).send({ message: "Missing email parameter" });

  const user = await createUser({
  console.log("created user: ", user);
  res.status(200).send({ message: "user added", user });

Any tips or suggestions are appreciated!