I'm looking for a way to manually authorize users

I want to be able to authorize users manually, that is, they create their account, verify their email, but at that point have a way to give them approval so they can log in.

Hey @nepimentel welcome to the community!

You should be able to achieve this by utilizing a user’s metadata and an action to check it. Something like the following:

Set isApproved metadata in a Pre User Registration Action:

exports.onExecutePreUserRegistration = async (event, api) => {
  // Set the initial approval status to false
  api.user.setUserMetadata('isApproved', false);
};

Check metadata in a Post Login Action when a user goes to log in:

exports.onExecutePostLogin = async (event, api) => {
  const isApproved = event.user.user_metadata?.isApproved;

  // If the isApproved flag is not true, block the login
  if (isApproved !== true) {
    api.access.deny('Your account has not been approved yet.');
  }
};

You can either update a user’s metadata using the Auth0 Dashboard or the Management API to manually authorize users.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.