Send login anomaly emails

How it works?

This rule is designed to detect phished or compromised accounts and notify the user with a "was this you?" email notification.

It relies on the ThisData anomaly detection algorithms which take into account many behavioural factors including:

  • Location & Velocity
  • Devices
  • Time of day
  • Tor usage
  • Risky IP addresses
  • And more...

###Prerequisites You will need a ThisData API Key. Sign up for a free ThisData account at

How do I use it?

Just create a new rule in the Auth0 dashboard, and copy the following code replacing the placeholders with the appropriate values.

What is a Rule?

A rule is arbitrary JavaScript code that can be used to extend Auth0s default behavior when authenticating a user. Enabled rules will be executed in the order shown below for all users and applications as the final step of theauthentication process.

Rules can be used to enrich and transform the user profile, deny access to specific users under certain conditions, retrieve information from external services and much more. To learn more about rules, see Auth doc Rules