Sending custom params to an action via passwordless login

I’m in a situation where I’m using auth0-js inside an angular app for passwordless login via the WebAuth.passwordlessStart method. I have set up an action in auth0 during pre-user registration where I would like to receive a parameter off the event or api object for further user verification. More specifically, I have added a recaptcha on the login page and would like to send the recaptcha token through to my pre-user registration action so I can call out to google’s recaptcha verification endpoint inside the action and admit or deny the user based on google’s response. This would ideally happen when calling passwordlessStart instead of passwordlessLogin, but either scenario is acceptable.

Looking at the docs, auth0 doesn’t support recaptcha in passwordless authentication scenarios, but our use case calls for it and wanted to know if there was a way to support this.

Hi @andy.balzer

Welcome to the Auth0 Community.

We recently updated Lock to add support for captcha on passwordless flows, see here https://github.com/auth0/lock/releases/tag/v11.35.0 so you should just be able to configure it via Security > Attack Protection > Bot Detection:

Then ensure your version of Lock is running at least version 11.35.0 so check Branding > Universal Login > Login tab

That should do it, I tested this out on my sms based passwordless connection using Simple Captcha and the results are below :slight_smile:

I hope this helps you.

Warm regards.