Auth0 Home Blog Docs

Validate user_metadata on signup


#1

It is imperative that on signup, we collect a valid telephone number. Client-side validation is insufficient.

I’ve tried to implement as a rule a validation step, but understand that the rules do not run on sign up, only on login.

So - how can I validate user_metadata, and return an error in the API when it fails?

Thanks.


#2

Not an expert, but maybe a hook will do what you want.


#3

From what I read, Hooks can not be used to validate inputs because the response does not return to the caller through the API response. The last line in the documentation for Pre-user registration states: “The Pre-Registration Hook does not currently pass error messages to any Auth0 APIs.”

This seems like a very common use case. Any other suggestions?


#4

Hello there all! As Markd mentioned, Hooks are definitely the way to go. We would recommend the pre-register hook. In the event the validation is done in the rule, it will only stop authentication attempts, not signups, meaning that the users will still be created.


#5

Thanks James. So what’s the best practice in this case? How should we return the fact that it failed validation?

One thought would be to block or delete the user using a pre-register hook and the management api?