I have an invite-only application and I would like to give access only to users manually created by an administrator in the Auth0 dashboard.
I have it working for email/password logins, with the Disable Sign Ups option in the email/password connection: I create email/password users manually. But anyone with a Google Account can still login to my application.
Is there a way to restrict Google Accounts (or any other connection) to only those that I manually create via the dashboard?
Just thinking out loud here but I believe, if you can match the Google accounts with the manually created accounts in some way, you could implement this in a rule or maybe a pre-registration hook. E.g., if you manually create the accounts using the user’s gmail email address, you could implement logic along the lines of “if this Google user’s email address matches a user in the Auth0 user database, link the accounts and carry on, else reject the user”.
I haven’t tested this myself, but sounds like an interesting experiment. I might give it a shot.
Any luck re-creating this scenario?
From what I see, I can only add users in Auth0 using a user/password connection?
I’ve brought this up here as well -
Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.
Wanted to reach out to know if you still require further assistance?