I want to allow users to login to my app using google-oauth2, but not allow any signups.
So I’m using the custom rule “Disable social signups” to prevent signing up using google.
But now I do I actually register new users? I want to be able to say - “here, create this user bla@gmail.com and allow it to login using his gmail account”
Hi @yakir
I think that rule was designed to disable future social signups but allow existing social users to continue to log in.
To do what you need is a little more challenging. What you need is a rule that checks a database/API to see if a social user has been invited, and fail the login if they have not. You can use an Auth0 username/password database for this, just make sure all applications do not use this as a connection (no logins actually come from this DB, it is just used to verify social logins). Then “invite” means adding that user’s email to this DB. The rule then checks to see if a user exists before allowing the signing.
John