I am working on a NextJS website that uses Auth0 to authenticate users. We are just about to launch our beta test and we have code set up that will send emails to our list of beta users with personalized sign up links. These links contain individual beta_keys as url parameters. We also developed an API on our website that validates these api keys. However, we want to pass this beta key to the PreUserRegistration Action, which then calls our api and denies users that have no beta_key or an invalid beta_key.
We have tried a variety of ways and scoured the community forums to find a way to pass information to the PreUserRegistration Action through the Event object, but to no avail. We haven’t found a way to add information to the Event object. We would greatly appreciate any help on the matter, or additional ideas that circumvent this issue.
As this topic is related to Actions and Rules & Hooks are being deprecated soon in favor of Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!
Your findings are in alignment with the design of the PreUserRegistration flow (security considerations). Our post login flow allows to reach custom params sent with the /authorize request. Also the password reset flow enables the event.request.query method.
Looking at what’s available - you could try using Auth0’s invitations (which are repurposed password reset links) sent to a user email. As part of the flow, once a user set password, they are redirected to login (so to send the /authorize request where you can pass additional custom query params) and these custom params can be reached in the post login flow.
The docs I linked describe the process and requirements. Does this address your use case?