Auth0 Home Blog Docs

Require Accept Terms on Social Connections

lock
social-connections

#1

If I want the user’s to accept terms when creating an account, there is that option with Lock for Username/password signup, but it seems with Social Connections such as Facebook, user’s can login with no regard to accepting the terms.

Is this just how it works or a bug? Kinda makes having “accept terms” and “facebook login” an impossibility unless I’m missing something.


#2

The Lock acceptTerms feature is only available for database connections. You can achieve this functionality using Redirect Rules:
https://auth0.com/docs/rules/redirect

E.g.

  1. User signs up with Facebook
  2. Rule checks for social, first time login -> Redirects to your T&C acceptance page
  3. Upon acceptance on your page, you can call the /continue endpoint to complete the authentication flow and return to your application.

Your rule could look something like:

function (user, context, callback) {

  if (context.protocol === "redirect-callback") {
    // User was redirected to the /continue endpoint
    return callback(null, user, context);
    
  } else if(context.connection === 'facebook' && context.stats.loginsCount === 1){
    // User is facebook user, first time login
    // Redirect to T&C acceptance page
    context.redirect = {
      url: "https://myapp.com/acceptTerms"
    };
    return callback(null, user, context);
  } else {
    //DB connection user, or Facebook user who has logged in before
    return callback(null, user, context); 
  }
   
}

#3

@prashant Hey Prashant, do you plan to add the feature “accept terms for social plugins” too?


#4