User Can be Created With Invalid Email Format

dan.woda · October 13, 2023, 6:31pm

Problem statement

When attempting to sign up with a regular database connection, Auth0 uses the isEmail function provided by the validator npm package however, with a custom database sometimes it appears this validation does not occur and a string that does not meet the valid email format can be saved for the user.

Solution

The issue may occur if a custom database connection is created with the Management API and the connection is missing an options.strategy_version property.

If the options.strategy_version property has a value of 2 , it will validate the email and a tenant log with a message “DB Login Custom script: email “xxxxxx” is not valid, please update the import user script in the connection settings.” will appear. The connection can be patched with PATCH /api/v2/connections/{id} to have strategy_version: 2 included in the options object to gain the validation.

Topic		Replies	Views
Auth0 disallows emails with valid format Help connections , regular-database-connections	2	2620	December 8, 2022
Auth0 Email Validation Knowledge Articles signup , verify-email	2	812	June 21, 2023
Management Api Email Validation Help management-api , email-validation	2	5330	March 2, 2018
"PUT /email is not available for custom connections" Management API Error Help api	5	1510	November 4, 2022
Validate Email Format on Custom Login Page Knowledge Articles custom-login , email , validation	1	2070	August 10, 2022

User Can be Created With Invalid Email Format

Problem statement

Solution

Related Topics