Manually authorise signups

prashantT · April 25, 2017, 12:12pm

We don’t currently have an out-of-the-box solution for this scenario. There are 2 options that may be suitable:

1. Invite-only application

This will allow you invite specific users to use your application, however it does require additional setup and handling email sending on your end.

2. Using app_metadata and Rules

You can extend the Force Email verification rule to also check for another flag in the user’s app_metadata. E.g.

  function (user, context, callback) {
      if (!user.email_verified) {
        return callback(new UnauthorizedError('Please verify your email before logging in.'));
      } else if(!user.app_metadata.isBetaAuthorized) { // check the isBetaAuthorized app_metadata
        return callback(new UnauthorizedError('You are not yet authorized to access the beta.'));    
      }else {
        return callback(null, user, context);
      }
    }

This will prevent users without the isBetaAuthorized app_metadata to login to your application. You can then manually set this flag to true for any users you wish to authorize.

Topic		Replies	Views
I'm looking for a way to manually authorize users Help user-profile , user-management	2	195	May 7, 2024
Ruby on Rails Authorization Help auth0 , rails	5	3839	December 3, 2019
Manually confirm user registration Help user-profile , user-management	4	649	February 6, 2024
Regulating and verifying users before granting them access Help user-management , user-invitation	4	448	February 15, 2024
How sign up gracefully with Username-Password-Authentication ("email_verified": true) Help signup , login	7	4936	February 16, 2019

Manually authorise signups

Related Topics