Need sample code for Email domain whitelist to use in actions

We are working on to migrate from Rules to action. We need sample code of Email domain verification to use in action.

Currently, we are using below code in Rules.

function emailDomainWhitelist(user, context, callback) {
  // Access should only be granted to verified users.
  if (!user.email || !user.email_verified) {
    return callback(new UnauthorizedError('Access denied.'));
  }

  const whitelist = ['gmail.com']; //authorized domains
  const userHasAccess = whitelist.some(function (domain) {
    const emailSplit = user.email.split('@');
    return emailSplit[emailSplit.length - 1].toLowerCase() === domain;
  });

  if (!userHasAccess) {
    return callback(new UnauthorizedError('Access denied.'));
  }

  return callback(null, user, context);
}

Hi @santhosh.nethaji,

Welcome to the Auth0 Community!

Here is the script converted to an Action for your convenience:

exports.onExecutePostLogin = async (event, api) => {
 if(!user.event.email || !user.event.email_verified){
   api.access.deny('invalid_request', "Access denied.");
 }

 const email = event.user.email.split('@')[1]
 const whitelist = ["gmail.com"]
  if (whitelist.includes(email)) {
    api.access.deny('invalid_request', "Access denied");
  }
};

I have attached some useful resources around migrating from Rules to Actions:

• Migrate from Rules to Actions
• Actions Limitations
• Post Login Action

I hope this helps!

Thanks,
Rueben

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.