Rule for verified email results in the display of another error

I am using the Auth0 ASP.NET Core Authentication SDK with my .NET 6 MVC web application to authenticate users, and so far login and logout using the universal login page are working fine. I would juts like to only allow verified email addresses though, so I have just added a rule that a user must have a verified email before they can log in. The rule appears as follows:

function emailVerified(user, context, callback) {
  if (!user.email_verified) {
    return callback(
      new UnauthorizedError('Please verify your email before logging in.')
  } else {
    return callback(null, user, context);

I would have expected Auth0 login to show the user this error when they try and log in without having a verified email, but instead the user (me) gets shown an Internal Server Error page with the following error message:

# An unhandled exception occurred while processing the request.

OpenIdConnectProtocolException: Message contains error: 'unauthorized', error_description: 'Please verify your email before logging in.', error_uri: 'error_uri is null'.

Unknown location

Exception: An error was encountered while handling the remote login.


I see the official documentation for “Force Email Verification” says,

Note: It might be a better UX to make this verification from your application.

I have no idea how to make this verification from my application and neither can I find any docs on doing so. I imagine I would somehow have to query an API that tells me whether the user has a verified email before allowing them to log in via Auth0, but I have no idea how to do this? Any tips or suggestions would be most welcome.