Need sample code for Email domain whitelist to use in actions

santhosh.nethaji · August 1, 2023, 5:54pm

We are working on to migrate from Rules to action. We need sample code of Email domain verification to use in action.

Currently, we are using below code in Rules.

function emailDomainWhitelist(user, context, callback) {
  // Access should only be granted to verified users.
  if (!user.email || !user.email_verified) {
    return callback(new UnauthorizedError('Access denied.'));
  }

  const whitelist = ['gmail.com']; //authorized domains
  const userHasAccess = whitelist.some(function (domain) {
    const emailSplit = user.email.split('@');
    return emailSplit[emailSplit.length - 1].toLowerCase() === domain;
  });

  if (!userHasAccess) {
    return callback(new UnauthorizedError('Access denied.'));
  }

  return callback(null, user, context);
}

rueben.tiow · August 2, 2023, 3:00pm

Hi @santhosh.nethaji,

Welcome to the Auth0 Community!

Here is the script converted to an Action for your convenience:

exports.onExecutePostLogin = async (event, api) => {
 if(!user.event.email || !user.event.email_verified){
   api.access.deny('invalid_request', "Access denied.");
 }

 const email = event.user.email.split('@')[1]
 const whitelist = ["gmail.com"]
  if (whitelist.includes(email)) {
    api.access.deny('invalid_request', "Access denied");
  }
};

I have attached some useful resources around migrating from Rules to Actions:

I hope this helps!

Thanks,
Rueben

system · August 16, 2023, 3:01pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.