Whitelist and catch error using google

General
#1

I’m trying to use the auth0-angular library with Angular 10 to allow a specific set of google users to log in to my site.

I found a guide on creating a Whitelist rule, which works okay, but I have a couple questions:

  • Is there a way I can feed the list of valid emails into this rule from my app using config or anything? Right now, I just have a hard-coded list of strings in the rules, which adds an unwanted maintenance cost.

  • The example throws an UnauthorizedError() in the rule, which doesn’t result in displaying any error page in my app. It just redirects back to the callback with isLoggedIn as false. I tried using the Observable returned by loginWithRedirect() to catch the error, but this error is never thrown.

Thanks,
Mayhew

#3

Hi @mayhew3,

Do the email addresses share a domain? If so you can use a domain-specific rule.

If not, you could store the email addresses in a .txt file in Dropbox and reference that in the rule. Here is an example: Dropbox WhiteList

You could use this approach with other cloud storage options or your own protected API as well.

You can capature login errors by subscribing to the error$ observable

authService.error$.subscribe((error) => console.log(error));

If you’re using the Angular Quick Start, you can edit the ngOnInit function in the src/app/components/nav-bar/nav-bar.component.ts file to log the error:

  ngOnInit() {
    this.auth.error$.subscribe((error) => console.log(error));
  }

Hope that helps!

Stephanie

1 Like
#4

Thanks for your response!

The error$ observable works just like I needed, thanks!

I’m interested in API solution, but would still want to be able to send input from my app about my environment or configuration. Is that possible?

#5

Yes, Rules have access to the Context object which contains the clientMetadata property as well as other information about your app. You can store key/value pairs of data in your application’s client metadata by opening up the advanced settings in the application settings in the dashboard.

screenshot-manage.auth0.com-2021.01.15-13_55_47
screenshot-manage.auth0.com-2021.01.15-13_55_471108×499 33 KB

Or you can use the Management API’s /api/v2/clients/{id} endpoint to add data to the client_metadata object.