Wordpress: Users are Not Being Created in Auth0 because of Bot Detection

Last Updated: Dec 5, 2024

Overview

When using the WordPress plugin Login by Auth0, not all new users are being created in Auth0. The official plugin of Login By Auth0 is being used and utilizing a WooCommerce Action to create a new user in the Auth0 DB after the users sign up on checkout. The code snippet used is below.

add_action( 'woocommerce_created_customer', 'add_user_into_auth0', 10, 2 );
function add_user_into_auth0( $customer_id, $new_customer_data ) {
$a0_options = WP_Auth0_Options::Instance();
$payload = [
'client_id' => $a0_options->get( 'client_id' ),
'email' => $new_customer_data['user_email'],
'password' => $new_customer_data['user_pass'],
'connection' => 'DB-Oaksterdam-University',
];
$new_auth0_user = WP_Auth0_Api_Client::signup_user( $a0_options->get( 'domain' ), $payload );
if ( $new_auth0_user ) {
$new_auth0_user->sub = 'auth0|' . $new_auth0_user->_id;
unset( $new_auth0_user->_id );
$user_repo = new WP_Auth0_UsersRepo( $a0_options );
$user_repo->update_auth0_object( $customer_id, $new_auth0_user );
}
}

The user is created in Wordpress but not in Auth0. No Failed Signups (fs) are seen in tenant logs.

Applies To

  • WordPress

Cause

This issue occurs because the WordPress server IP address is not included in the Bot Detection IP Allow List.

Solution

Add the WordPress server IP address to the Bot Detection IP Allow List so it will not be flagged as suspicious. Once added to this Allow List, all users should be created in Auth0.