community.
We have an influx of fake user signups come in through Google oauth. We are able to identify the bad ones with high accuracy and have a filtering Rule in place.
Unfortunately though, it seems neither Rules nor Actions allow us to run the filters PRE registration. Either two only run for username-password auths. This means while we ultimately stop the fake users from entering our app, we still have a ton of (very) expensive dead users in Auth0.
Is there a solution for this?
Hi @ab-121
This is the way social connections work: Auth0 is not responsible for creating the account - that falls to Google, so there is no “pre registration” action.
There are a couple of solutions:
One - you can make the dead accounts not expensive (I am not sure why they would be expensive if they are marked as unusable).
Two - the rule that filters can also delete the account, or preferably queue the account for deletion (using some undetermined mechanism to execute the deletion).
John
Hi @john.gateley!
Two makes sense. We may end up just doing that.
Not sure what you mean by the first solution. These spammers bulk purchase Gmail accounts for 1-2 cents online. We have ways to figure out which one is a bad account looking at the user and the context (the emails are pretty obvious) but they’ll still count towards MAUs as far as I understand your pricing?