I want to be able to authorize users manually, that is, they create their account, verify their email, but at that point have a way to give them approval so they can log in.
Hey @nepimentel welcome to the community!
You should be able to achieve this by utilizing a user’s metadata and an action to check it. Something like the following:
Set isApproved metadata in a Pre User Registration Action:
exports.onExecutePreUserRegistration = async (event, api) => {
// Set the initial approval status to false
api.user.setUserMetadata('isApproved', false);
};
Check metadata in a Post Login Action when a user goes to log in:
exports.onExecutePostLogin = async (event, api) => {
const isApproved = event.user.user_metadata?.isApproved;
// If the isApproved flag is not true, block the login
if (isApproved !== true) {
api.access.deny('Your account has not been approved yet.');
}
};
You can either update a user’s metadata using the Auth0 Dashboard or the Management API to manually authorize users.
1 Like