In the New Universal Login experience, both for passwordless email and username/password authentication flows, there’s a UX issue when using a Pre-User Registration Action to block certain email domains.
Currently, even when the action correctly uses api.access.deny(...) to block a new registration (e.g., based on domain restrictions), the UI proceeds to:
- Show the OTC input screen (in passwordless)
- Or show a success message like “An email has been sent”
- Or continue the signup flow (in username/password), before finally returning the denial message
This behavior creates a confusing and misleading experience for the user because:
- They’re shown UI elements that imply the flow is continuing normally
- They may attempt to input a code they never received (in passwordless)
- Or continue filling out the form, unaware that registration will fail
The backend logic works correctly (e.g., the profile is not created, and the OTC is not sent), but the frontend behavior causes friction and poor UX.
Request:
We request a way to interrupt the UI flow earlier when a registration is denied by a Pre-User Registration Action, so that:
- The OTC screen or success message is not shown in passwordless flows
- The user is not shown a continuation of the signup form in username/password flows
- The denial message is shown directly after email or username submission, avoiding further interaction
If this cannot be addressed within the current New Universal Login flow, please consider adding a supported mechanism or hook that allows earlier validation based on user input (e.g., email domain) before rendering the next step in the login/signup UI.
This would significantly improve the experience for users in domain-restricted environments.
Thank you!