Problem statement
When attempting to sign up with a regular database connection, Auth0 uses the isEmail
function provided by the validator
npm package however, with a custom database sometimes it appears this validation does not occur and a string that does not meet the valid email format can be saved for the user.
Solution
The issue may occur if a custom database connection is created with the Management API and the connection is missing an options.strategy_version
property.
If the options.strategy_version
property has a value of 2 , it will validate the email and a tenant log with a message “DB Login Custom script: email “xxxxxx” is not valid, please update the import user script in the connection settings.” will appear. The connection can be patched with PATCH /api/v2/connections/{id}
to have strategy_version: 2
included in the options
object to gain the validation.