Hi Auth0 team
I’m building a Web+ mobile app using Auth0 New Universal Login.
I do NOT want to build any custom hosted login/signup pages — I want to stay fully within Auth0 hosted UI.
My signup form collects:
- Password
- Custom field: Last 4 SSN (or Last4 ID)
I’m validating Last4 + Email using a Pre-User Registration Action by calling my backend.
- If validation fails, I show an error on the Auth0 signup page (this works fine).
- If validation succeeds, user is created and Auth0 sends the email verification link.
My requirement:
User must NOT be able to login until they verify their email.
After the user clicks the email verification link, they should be able to login normally.
Current issue / confusion:
After successful signup, Universal Login moves away from the signup form to another screen.
I want the Auth0 UI to clearly show something like:
“We sent a verification email. Please verify before logging in.”
Questions:
- Is it possible to show a confirmation message (“Verification email sent”) within Auth0 hosted Universal Login after signup success?
- What’s the best Auth0-recommended way to block login until email is verified (especially for mobile apps)?
- If I deny login in a Post-Login Action for unverified users, what is the correct UX / error handling approach?
Actions I’m using:
- Pre-User Registration Action for backend validation
- Post-Login Action to deny access if email_verified is false
Any guidance / best practice would be appreciated