User Registration during SS0 Login

I’m trying to login with a user which is not present in Auth0 via SSO. This creates a new user in Auth0. How to prevent this user registration and need to throw error if the user does not exists in Auth0

Hi @joe.abraham,

You could either do this in a Pre-User Registration Action script to prevent unregistered users from signing up.

Alternatively, you can disable the sign up option completely in your Database connection.

You can disable sign ups by going to Auth0 Dashboard > Authentication > Database > YOUR_CONNECTION , scroll to the bottom, and toggle on the Disable Sign Ups button.

Thanks,
Rueben

Hi @rueben.tiow,

I’ve already toggled on the disable signups in Database connection settings. However the user registration still happens. In the doc for Pre User Reg action, it’s mentioned that it will runs before a user is added to a Database or Passwordless Connection. I’m using Enterprise connections (Okta for now). I’ve tried Pre user action as well, Inside the script, I just tried api.access.deny(), but it doesn’t seem to be invoked.

Thanks

Hi @joe.abraham,

Thanks for the update.

Unfortunately, as you have discovered, the Pre-User Registration action only works for database and passwordless connection users. It will not work with enterprise connections.

And when using an Enterprise connection, there is no option to disable sign-ups. This is because the sign-up happens at the IdP and not at Auth0.

Is your current application allowing multiple types of connections to authenticate? Like email + password, and enterprise connections?

Thanks,
Rueben

Hi @rueben.tiow,

We aim to restrict users from customer organisation not yet onboarded to our application from accessing our system. Yes I know sign-up and login occur at the Identity Provider (IdP) side, our focus is on preventing non-onboarded users from registering in Auth0.

I’m exploring the recommended Auth0 approach to achieve this. Despite being unable to directly prevent user registration, I’ve implemented a workaround. By disallowing login for non-onboarded users through the Login/Post Login action, we enforce this restriction.

If there are alternative methods or suggestions from Auth0 to address this issue more effectively, I’d appreciate your guidance.

Thanks