Auth0 Home Blog Docs

Lock 10 for Web - callbacks not working



Hi! I am using Lock 10 for Web in redirect mode with great success although there is 1 piece of the puzzle missing. I want users who sign up using email and password to confirm their email before being able to sign in. To do that, I’m using force email verified rule. The rule itself works nicely, but I’m having trouble fleshing out the user workflow using Lock 10 for Web:

  1. The default behavior is that when user signs up he is signed in automatically. This cannot happen since the email has to be verified first. I turn off automatic sign in and then a user who signs up is taken to a screen saying ‘Thanks for signing up’ with a green checkmark. How can I take back users who successfully signed up back to the initial Lock sign in view, preferrably with a notification such as ‘Verify your email and sign in’?
  2. When a user tries to sign in but his email is not verified, Lock tries to redirect me, as if the auth was successful. I need to display an error message saying the account is not verified instead.

How I googled around and found these two issues:

Maybe they’re related, maybe they’re not. Hard to tell as I’m new to Lock and things change rapidly. I tried using the workaround described in the second github issue but to no avail - as if the error callback never gets called?

Here’s a snippet as to how my lock initialization code looks like:

Thanks in advance.


The error event callback will only be called if you also initialize the Lock widget in the page associated with your redirectUrl (the one that receives the redirect containing the error information). More specifically, if you have your login page (the one creating the Lock instance) at and configure a redirect URL of then you also need to initialize Lock with the event handlers at that page.

The reason I’m calling your attention to this is that based on the available information it was not clear to me if you’re using the same page for login and callback or using different pages.