Hi, I'm using the ThirdPartyEmailPassword recipe, and wondering what's the best practice to whitelist emails that can sign-up/in to our app. So, a user can signup/in when their email is whitelisted, and otherwise get sent to a 'contact us' form, and we get notified with their email. I thought this can potentially be solved by one of these - roles - create a default Guest role and User role that'll be assigned if the email is whitelisted - claim-validators - create a custom claim validation for being whitelisted - Post signin / signup callbacks - with this solution i'm not sure how to handle non-whitelisted users on the client Do you have any recommendations?

hey @idanh.

looks like what I needed 🙂 thanks! will try it out

yea, so you should return a specific message to the frontend, and then in there, do a redirection if that message was recieved.

@rp_st I think i'm missing something here. I tried all of these on the backend: 1. raise Exception 2. return GeneralErrorResponse with a dedicated message 3. return a specific http code and message but didn't manage to intercept any of them on the client on either: 1. onHandleEvent 2. getRedirectionURL 3. postAPIHook what am doing wrong?

Huh.. the postApiHook should have worked. Are you calling function from the frontend yourself or via our pre built ui?

I must have missed it with all my trials 😊 - I do get the postApiHook called when I return GeneralErrorResponse from the backend