Integrate Auth0 and Email Hippo for ultimate security

Example custom code snippet for Auth0 rules

Prerequisites

An Auth0 account with a tenant setup.
An Email Hippo account with a MORE API subscription and access to your API key.

To create an account and purchase a subscription for the MORE API please sign up.

Configuration on Email Hippo

Once you have a subscription set up and your API key there is no further setup required within Email Hippo.

For further information on the MORE API please read the MORE section on this site.

Configuration on Auth0

Go to the Rules option on the menu.
Under Settings on this page add a new key value.
Set the key as 'HIPPO_API_KEY' and the value as your Email Hippo API key.
Click on ‘+ Create Rule’.
Select the ‘Empty Rule’ template.
Name your rule - for example ‘Email Hippo Email Address Validation’.
Replace the code displayed in Auth0 with the JavaScript shown here. (Select the JavaScript tab to view the code.)
Click on ‘Save’ or ‘Try this rule’ to use the function within your Auth0 sign up form and prevent sign ups with bad or disposable email addresses.

The MORE API (Edition2/Version3) contains multiple data points which you may wish to incorporate in your function, for example for prompting re-input of mis-spelled email addresses.

Our function uses the simple ‘result’ and ‘additional status’ to identify the email addresses which should not be accepted.


/*
 * © 2020, Email Hippo Limited. (http://emailhippo.com)
 *
 * This example requires a valid key to work correctly.
 *
 * License: Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0)
*/

```javascript--browser

function (user, context, callback) {

  user.app_metadata = user.app_metadata || {};

  // Users with the emailhippo_valid will return an error on login
  // Setting emailhippo_valid to true will allow the user to log back in
  const valid = user.app_metadata.emailhippo_valid;
  if (valid !== undefined) {
    return valid ? callback(null, user, context) : callback('Email address is not valid');
  }

  if(!user.email) {
    return callback(null, user, context);
  }

  const request = require('request');
  
  const key = configuration.HIPPO_API_KEY;
  
  // Sign up at https://www.emailhippo.com/
  const url = 'https://api.hippoapi.com/v3/more/json/'+ key +'/' + user.email;

  request({ url: url }, function (err, resp, body) {
    if (err) {
        return callback(null, user, context);
    }
    if (resp.statusCode !== 200) {
        return callback(null, user, context);
    }

    const hippo_resonse = JSON.parse(body);
    
    const result = hippo_resonse.emailVerification.mailboxVerification.result;
    const reason = hippo_resonse.emailVerification.mailboxVerification.reason;

    user.app_metadata = user.app_metadata || {};

    // Any email address that is either bad or a Disposable email address
    // will be flagged as invalid. You can add your own custom logic if you want.
    let valid = true;
    if (result === 'Bad' || (result === 'Unverifiable' && reason === 'DomainIsWellKnownDea')){
        valid = false;
    } 

    user.app_metadata.emailhippo_result = result;
    user.app_metadata.emailhippo_reason = reason;
    user.app_metadata.emailhippo_valid = valid;

    auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
      .then(function(){
        return valid ? callback(null, user, context) : callback('Email address is not valid');
      })
      .catch(function(err){
        callback(null, user, context);
      });
  });
}
/*
```

*/

Talk to us about your integration requirements

Want more information about a popular Email Hippo integration, or want to discuss an integration requirement that isn't covered here? Get in touch today and we'll help you find the best solution for you.

Email verification for Auth0

Use Auth0 email verification integration

Example custom code snippet for Auth0 rules

Talk to us about your integration requirements

Not yet using Email Hippo for your email verification?

What are you waiting for?