How To Block Signup From Spam Domains?

What is the best way to block users from spam domains like, from signup?

It depends on the exact scenario, if you’re referring to signup associated with a database connection, which means the account identity (username/password) is managed by your Auth0 account, then you can consider implementing a pre-registration hook that will actually prevent the creation of the user.

For other connection types, like social connections, the hooks approach is not currently available, however, you can still implement a similar approach through rules. Have in mind that the rule won’t actually block the creation of a user profile associated to that user, however, it will indeed block the overall transaction so the visible effect to the end-user is mostly the same; they won’t be able to signin or login. In order to complement this approach you can also then implement a process that routinely cleans up these blocked accounts by using the applicable endpoints available through the Management API v2.

1 Like