Block Specific Email Domains Using a Post-Login Action

Overview

This article clarifies whether it is possible to block users from specific email domains, such as @gmail.com, from signing up or signing in to an application.

Applies To

  • Google Login
  • Restrict users

Solution

Follow the steps or video below:


It is possible to block access by creating an Action that determines the user's email domain. For example, if the domain matches google.com, that user is denied access.

This behavior requires a Post-Login Action. Although it is a "Post-Login" Action, the user does not complete the sign-in process. The Post-Login Action flow triggers after authentication but before the token is issued.

Action Flow

The user starts the sign-in flow, and the Action triggers and performs the required validations. If the criteria are met (e.g., a blocked domain), the Action prevents the Access Token from being issued. The outcome is that the user is unable to sign in.

  • This flow blocks users from both signing in and signing up via Google Login.

  • For signups using an Auth0 database connection, the Pre-Registration action flow achieves the same result.

  • If a user creates an account by signing up with Google (Google Login), the Post-Login flow is the correct method.

The following code example demonstrates how to block users with a @gmail.com domain. This code can be modified for specific needs.

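const onExecutePostLogin = async (event, api) => {
    // Some connections do not return an email; a domain rule cannot match
    // those users, so let them through (deny here instead if an email is required).
    const email = event.user.email;
    if (!email) {
        return;
    }

    // Take everything after the last "@" and normalize case before comparing.
    const userEmailDomain = email.slice(email.lastIndexOf("@") + 1).toLowerCase();

    if (userEmailDomain === 'gmail.com') {
        return api.access.deny('You are not allowed to access this resource');
    }
};
exports.onExecutePostLogin = onExecutePostLogin;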
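
The single-domain check above can be extended to a list of domains. The following is an added example, not code from the original article or from Auth0; it goes beyond the article's case by also matching subdomains of a blocked domain. The names BLOCKED_DOMAINS, emailDomain and isBlockedDomain are hypothetical, and the listed domains are constructed sample values.

```javascript
// Constructed sample blocklist; replace with the domains to be denied.
const BLOCKED_DOMAINS = new Set(["gmail.com", "example.org"]);

// Returns the normalized domain of an email address, or null when the
// value is missing or has no domain part.
function emailDomain(email) {
  if (typeof email !== "string") return null;
  const at = email.lastIndexOf("@");
  if (at < 0 || at === email.length - 1) return null;
  // Trim whitespace, lowercase, and drop a trailing dot ("gmail.com.").
  return email.slice(at + 1).trim().toLowerCase().replace(/\.$/, "");
}

// True when the domain or one of its parent domains is on the blocklist,
// so "mail.gmail.com" is caught by the "gmail.com" entry while
// "notgmail.com" and "gmail.com.evil.net" are not.
function isBlockedDomain(domain) {
  if (!domain) return false;
  const labels = domain.split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (BLOCKED_DOMAINS.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

const onExecutePostLogin = async (event, api) => {
  // Users without an email cannot match a domain rule and are let through;
  // deny here instead if policy requires every user to have an email.
  const domain = emailDomain(event.user.email);
  if (isBlockedDomain(domain)) {
    return api.access.deny("You are not allowed to access this resource");
  }
};

// The Actions runtime reads the handler from exports.
if (typeof exports !== "undefined") {
  exports.onExecutePostLogin = onExecutePostLogin;
}
```

Comparing whole domain labels rather than using a substring or suffix match is what keeps look-alike domains from being blocked or allowed by accident.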


To create this Action:

  1. Sign in to the Admin dashboard.

  2. Choose Dashboard > Actions > Triggers > post-login.

  3. Click the + icon to the right of Add Action.

  4. Select Create Custom Action from the drop-down list.

  5. In the Create Action dialog, enter a name, select the trigger type, and choose the Node runtime.

  6. Add your code based on the example above and select Deploy.

  7. Once the Action is deployed, drag it to the Post-Login Action flow and select Apply.
