Force email verification
How it works?
This rule will only allow access users that have verified their emails. Note that it might be a better UX to make this verification from your application.
If you are using Lock, the default behavior is to log in a user immediately after they have signed up.
To prevent this from immediately displaying an error to the user, you can pass the following option to
lock.show() or similar:
If you are using auth0.js, the equivalent option is
How do I use it?
Just create a new rule in the Auth0 dashboard, and copy the following code replacing the placeholders with the appropriate values.
What is Rule-Based Authentication?
Rules can be used to enrich and transform the user profile, deny access to specific users under certain conditions, retrieve information from external services and much more. For more information about rules, please check the documentation