When using a Pre-registration action, e.g. to validate the user’s email, after we set the access to deny (api.access.deny(‘deny_reason’) , the passwordless universal login proceeds showing the user an input field to enter the OTP code and a button to resend the code (although it correctly doesn’t send the OTP email/sms).
I know this is a known issue , but i’m wondering if a) the Auth0 team will release a fix soon and b) whether anyone has a workaround to continue using passwordless + email-validation without showing the OTP input fields/messages in the UI?
I’ve tried to trick auth0 to show it’s own ‘Email is not valid.’ error alert by setting event.user.email = “invalid_email@invalid” instead of api.access.deny(), but unfortunately it doesn’t help.
Many thanks in advance!
