Disable Sign-ups for a Specific Application
This article explains how to restrict new user sign-ups for a specific application while permitting sign-ups for other applications that share the same database connection.
- Auth0 New Universal Login
- Page Templates
- Actions
- Management API
When multiple applications share a single Database Connection, the Disable Sign-ups setting for that connection applies globally to all applications using it. Disabling sign-ups at the connection level blocks them across all applications. The most robust architectural solution is to separate the applications into different Database Connections. However, if sharing a connection is required, the following workaround utilizes a combination of a back-end Action for security and a front-end Page Template modification for User Experience (UX).
Part 1: Block Sign-up Attempts with an Action (Security Layer)
NOTE: This is the most critical step. Without this back-end validation, hiding the button on the front end does not prevent a user from crafting a direct API call to create a user.
-
Choose Actions > Library from the dashboard.
-
Select Build Custom.
-
Create a new Action with the following settings:
-
Name: Block Sign-up for <App Name>
-
Trigger: Pre User Registration
-
Runtime: Node 22 (or latest recommended)
-
-
Enter the following logic in the code editor to check the Client ID and deny access:
JavaScript/** * Handler that will be called during the execution of a PreUserRegistration flow. * * @param {Event} event - Details about the context and user that is attempting to register. * @param {PreUserRegistrationAPI} api - Interface whose methods can be used to change the behavior of the signup. */exports.onExecutePreUserRegistration = async (event, api) => { // REPLACEMENT REQUIRED: // Paste the Client ID of the application where sign-ups should be blocked const BLOCKED_APP_CLIENT_ID = "<BLOCKED_APP_CLIENT_ID_HERE>"; // Check if the registration attempt is from the blocked application if (event.client.client_id === BLOCKED_APP_CLIENT_ID) { // Deny the registration api.access.deny( 'signup_not_allowed', 'New user sign-ups are not permitted for this application.' ); } }; -
Select Deploy.
-
Choose Actions > Triggers > Pre User Registration.
-
Drag the new Action into the trigger and select Apply.
Part 2: Hide the Sign-up Button (UX Layer)
To hide the button on the New Universal Login page, the Login Page Template must be updated. This requires using the Management API and cannot be performed in the Dashboard UI.
NOTE: While the steps below utilize Cascading Style Sheets (CSS) within the Page Template to hide the button, CSS customization for elements controlled by the widget is generally discouraged. Class names (like .ulp-alternate-action) are not guaranteed to remain static over time. If the underlying HTML structure changes, this CSS may stop working.
Prerequisites:
-
A Management API Access Token with the
update:brandingscope. - A Custom Domain set up.
- A tool to make API requests (for example, Postman, cURL).
Steps (Using Management API):
-
Perform a GET request to retrieve the current Login HTML to modify the existing content rather than overwriting it.
-
Edit the HTML content to include the following Liquid conditional logic inside the
<style>tag in the<head>section:HTML
NOTE: Replace <My App Name> with the exact name of the application as it appears in the Dashboard.<head> <style> /* Custom Logic to hide Sign Up for specific app */ {% if application.name == "<My App Name>" %} .ulp-alternate-action { display: none; } {% endif %} </style></head> -
Perform a PUT request to update the template.
-
Headers:
-
Authorization: Bearer <enter_access_token> -
Content-Type: application/json
-
-
Configure the body as a JSON object containing the full HTML string in the template field.
-
NOTE: Properly escape double quotes and newlines within the HTML string when constructing this JSON.
JSON{ "template": "<!DOCTYPE html><html><head>...</head><body>...</body></html>" } -
