We’ve noticed an error trying to sign up to our application using the email address “foo.bar+test1@gmail.com”, but “foo.bar+candidate@gmail.com” works fine.
Why is this happening?
Is this something that we can configure for our tenant?
Hi @rai1,
Thanks for joining the Community!
I tested out adding foo.bar+test1@gmail.com and foo.bar+candidate@gmail.com in my own tenant, and it looks like both sign-ups are successful.
To help troubleshoot this, can you look in your dashboard logs and see if there are any additional details about the error?
Thanks!
Thanks for having a look at this. Turns out that the account already existed!
The developer who was testing this was getting the error 400 (invalid_signup) but not the error user_exists. Wouldn’t that have been more appropriate in this instance?
The error will be invalid_signup if your tenant has the “Use a generic response in public signup API error message” setting turned on (by default it is on). This setting is located in the “Advanced” tab in your tenant settings.
A generic error message is returned in this case to help protect against username enumeration attack.
Here is more information about the response: Auth0 Support Center
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.