How to Restrict Email Domains from Registering to the Passwordless Email Connection

ConnectionsActions

Last Updated:

Overview

Sign Ups can be disabled at the email connection level so that only registered users in Auth0 can use the Passwordless email connection.
image.png

If it is desired to leave Sign Ups enabled but limit the email domains that can register, this can be implemented via a Pre-User Registration action using the connection ID from the event object and the api.access.deny method.

The connection ID of the passwordless email connection can be obtained via the /api/v2/connections endpoint.

Applies To

  • Passwordless Email Connection

Solution

Here is an example of a Pre-User Registration Action that will restrict a list of email domains from registering to the passwordless email connection:  
exports.onExecutePreUserRegistration = async (event, api) => {
  const userEmail = event.user?.email;

  if (userEmail && invalidDomain(userEmail)) {
    return api.access.deny('invalid email domain', 'The email address provided is invalid');
  }
};

const invalidDomain = (userEmail) => {
  return invalid_domains.some(domain => userEmail.endsWith(domain));
};

const invalid_domains = [
  '@example.com',
  '@foo.com',
  '@test.com'
];

Recommended content

No recommended content found...
Need more help? Visit the Community
Visit the Auth0 Community