Hi and thanks for this great product/service. I am currently using the Auth0 lock v11, and was able to add a terms and condition checkbox and everything works by disabling the ability to continue while one is on the “Sign up” tab. i.e you are unable to sign-up with the social link until the checkbox is checked. However on the “Log in” tab, the social link “Sign in with Google”, which is enabled, will generate a user if they do not exist, bypassing the constraints that are setup on the “Sign up” tab. I may be missing a configuration?
I am trying to solve this use case, where I want users to sign in with OAuth2.0, but keep them from signing up without accepting the “terms & conditions”. Although, mustAcceptTerms prevents the user from continuing on the Sign up tab, they can still bypass by just using the social log in button.
I have tried some different approaches from using additionalSignUpFields and denying service to social sign up via rules.
I was go try to use both the mustAcceptTerms and a rule, however unlike additionalSignUpFields which saves data to the user’s user_metadata, the mustAcceptTerms doesn’t save any meta data to the user. Which makes it difficult to determine in the rules if one has actually checked the checkbox.
Hope all this makes sense. I appreciate any guidance with this use case. Thanks you!