Sending custom params to an action via passwordless login

I’m in a situation where I’m using auth0-js inside an angular app for passwordless login via the WebAuth.passwordlessStart method. I have set up an action in auth0 during pre-user registration where I would like to receive a parameter off the event or api object for further user verification. More specifically, I have added a recaptcha on the login page and would like to send the recaptcha token through to my pre-user registration action so I can call out to google’s recaptcha verification endpoint inside the action and admit or deny the user based on google’s response. This would ideally happen when calling passwordlessStart instead of passwordlessLogin, but either scenario is acceptable.

Looking at the docs, auth0 doesn’t support recaptcha in passwordless authentication scenarios, but our use case calls for it and wanted to know if there was a way to support this.

Hi @andy.balzer

Welcome to the Auth0 Community.

We recently updated Lock to add support for captcha on passwordless flows, see here https://github.com/auth0/lock/releases/tag/v11.35.0 so you should just be able to configure it via Security > Attack Protection > Bot Detection:

Then ensure your version of Lock is running at least version 11.35.0 so check Branding > Universal Login > Login tab

That should do it, I tested this out on my sms based passwordless connection using Simple Captcha and the results are below :slight_smile:

I hope this helps you.

Warm regards.

1 Like

Hey there!

As this topic is related to Actions and Rules & Hooks are being deprecated soon in favor of Actions, I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!

Learn more here!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.