Introduction

Auth0 has a feature called Actions that allows you to incorporate custom logic into authentication processes such as login and user registration. For example, when logging in, you can request MFA or deny authentication according to the country or IP address of the access source, and when registering users, you can force email authentication.

On this page, we will introduce the setting method and the actual operation, taking as an example the realization of the operation of checking the domain of the email address at the time of user registration and rejecting the registration if the domain is prohibited from being registered.

premise

The information on functions and settings described on this page is current as of October​ ​2022.

Setting overview

The settings for implementing custom logic using the Actions function are as follows.

1. Create a new Action
•Define custom logic by code editing (JavaScript writing)
2. Incorporate the created Action into Flow
•Specify the trigger that activates the created Action
Select triggers from those already defined on the Auth0 side (at login, before user registration, etc.)

From here, we will introduce specific setting methods and operation examples.

Setting example: Registration prohibited mail domain check

1. Create a new Action
①On the Auth0 management screen, click [Actions] > [Library]

② Click [Build Custom]

(3) Select the name of the action to be created, the trigger of the action, and the execution environment, and click [Create]. This time, select [Pre User Registration] for [Trigger] in order to incorporate the Action into the flow before user registration.

④ Write the logic to be realized in the code editor (JavaScript description)

⑤Click [Deploy]

⑥ Confirm that the created Action has been successfully deployed

2. Incorporate the created Action into Flow
①On the Auth0 management screen, click [Actions] > [Flows]

② Select the Flow that incorporates the created Action
Here, click [Pre User Registration]

③ From the list of Actions displayed in the Custom tab on the right side of the screen, drag and drop the Action created in 1. and incorporate it into the flow diagram on the left side of the screen.

④Click [Apply]

⑤ Confirm that it was reflected normally

Operation example: Registration prohibited mail domain check

1. Log in on the Auth0-linked web application screen and transition to the sign-up screen provided by Auth0
2.Perform user registration using an e-mail address that falls under the registration-prohibited domain.
3. Confirm that when you click [Continue], the user registration process is not performed and the specified error message is displayed.

Summary

By using Auth0's Actions function in this way, you can customize any processing requirements in the authentication process. It also comes with version control, testing, and debugging functions that are necessary for coding. You can try the functions in the free Auth0 trial environment, so please feel the high degree of customizability.

In addition to the logic introduced this time, Auth0 allows you to incorporate various custom logic into the authentication process using the Actions feature. If you are interested in Auth0's Actions feature, please contact us.

reference

Auth0 Actions – Auth0 docs
https://auth0.com/docs/customize/actions