Unique email in single tenant using actions

Help
,
1

How do I outright block the user (e.g. show an error message) if he’s trying to sign up using one social connection (e.g. Facebook) when he’s already registered through another social connection (e.g. Google) or single database using actions?

In my use case I have single user database, Facebook and Google only.

  • I don’t want to use account linking extension because that extension still allows the user to skip the linking.
  • I don’t want to use rules/hooks because Auth0 is telling me these are obsolete.
  • I need to verify email uniqueness just in a single tenant. I’m saying this because there is other topic in the forums asking for uniqueness across multiple tenants.
3

Hi @miroslav.bartl

Welcome back to the Auth0 Community.

You should be able to achieve this with a Post Login Action, something like the below you can chop and change to meet your needs.

exports.onExecutePostLogin = async (event, api) => {
  const ManagementClient = require('auth0').ManagementClient;
  const management = new ManagementClient({
    domain: event.secrets.domain,
    clientId: event.secrets.clientId,
    clientSecret: event.secrets.clientSecret,
  });

  const params = {
    search_engine: 'v3',
    q: `email:"${event.user.email}"`
  };

  try {
    const users = await management.getUsers(params);
    if (users.length > 0) {
      management.users.delete({ id: event.user.user_id });
      api.access.deny('This email address already exists');
    }
  } catch (e) {
    console.log(e)
    // Handle error
  }
  
};

This guide will introduce you to Actions if you’re not familiar with it https://auth0.com/docs/customize/actions/write-your-first-action

Please let me know if you need anything further.

Warm regards.

4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.