Overview
Sign Ups can be disabled at the email connection level so that only registered users in Auth0 can use the Passwordless email connection.
If it is desired to leave Sign Ups enabled but limit the email domains that can register, this can be implemented via a Pre-User Registration action using the connection ID from the event object and the api.access.deny method.
The connection ID of the passwordless email connection can be obtained via the /api/v2/connections endpoint.
Applies To
- Passwordless Email Connection
Solution
Here is an example of a Pre-User Registration Action that will restrict a list of email domains from registering to the passwordless email connection:
exports.onExecutePreUserRegistration = async (event, api) => {
const userEmail = event.user?.email;
if (userEmail && invalidDomain(userEmail)) {
return api.access.deny('invalid email domain', 'The email address provided is invalid');
}
};
const invalidDomain = (userEmail) => {
return invalid_domains.some(domain => userEmail.endsWith(domain));
};
const invalid_domains = [
'@example.com',
'@foo.com',
'@test.com'
];