Actions Triggers

Actions Triggers

The processes which can be extended with Actions are called Flows. Each Flow is made up of one or more Triggers and represents the logical pipeline through which information moves during a single point in the Auth0 journey. Multiple Actions can be added to a Trigger, with each Action executing in the order in which it was placed. Some Triggers are executed synchronously, blocking the flow in which they are involved, and some are executed asynchronously.

To explore reference objects and blueprints for specific Actions for a trigger, select the trigger below.

Flow Runs Trigger(s) Example Uses
Login As a user logs in. post-login
Executed after a user logs in and after any Rules that exist. Also executed when Refresh tokens are issued.
  • Modify Access and ID tokens
  • Call APIs to enrich user profiles or send notifications
  • Create authorization rules and make access decisions based on custom logic
  • Conditionally enable MFA
  • Redirect users to an external site
Machine to Machine When an Access Token is issued via the Client Credentials Flow. credentials-exchange
Executed after a user logs in and after the Client Credentials Hook.
  • Prevent tokens from being issued
  • Add custom claims to the Access Token
Pre User Registration Before a user is added to a Database or Passwordless Connection. pre-user-registration
Executed before a user is added to a Database or Passwordless Connection, after the Pre User Registration Hook
  • Prevent creation of a user in Auth0
  • Add custom app_metadata or user_metadata to a newly created user
Post User Registration After a user is added to a Database or Passwordless Connection. post-user-registration
Executes after a user is added to a Database or Passwordless Connection and after the Post User Registration Hook. It executes asynchronously and its outcome does not affect the transaction.
  • Send a new user notification
  • Create a record in a CRM system
Post Change Password After a password is changed for a Database Connection user. post-change-password
Executes after a password is changed for a Database Connection user and after the Post Change Password Hook. It executes asynchronously and its outcome does not affect the transaction.
  • Send an email to a user to notify them that their password has been changed
  • Call an API to revoke a user’s sessions in other systems after their password has been change
Send Phone Message To send a Phone or SMS message as part of a Custom MFA Provider. send-phone-message
Executes when using a Custom MFA Provider in place of a Send Phone Message Hook.
Use a custom provider for sending MFA Phone or SMS messages

Learn more