Correct me if I am wrong here @tyf, but would they be able redirect users to the tenant’s logout endpoint via the Post-Login Action’s api.redirect.sendUserTo function?
i.e.
exports.onExecutePostLogin = async (event, api) => {
if (!event.user.email_verified) {
api.redirect.sendUserTo('https://TENANT_DOMAIN/v2/logout', {
query: { returnTo: 'WHITELISTED_LOGOUT_URL' }
});
}
};
The WHITELISTED_LOGOUT_URL can be a custom error page they’ve set up to notify the user that they must verify their email address before logging in.
Although I understand that this won’t work for post-login flows initiated with prompt=none as noted in: Redirect with Actions