• Can I somehow unblock user who attempted 10 consecutive logins unsuccessfully?

    I am using a custom database connection and the user hasn’t been migrated yet (he is in the wp database but not in Auth0, so I can’t go to the Auth0 dashboard Users list to unlock him).

    In Auth0 dashboard logs I have:

    Type	Blocked Account
    
    Description	User (xxx) attempted 10 consecutive logins unsuccessfully. Brute force protection is enabled for this connection, further attempts are blocked from this IP address for this user
Viewing 9 replies - 1 through 9 (of 9 total)
  • @mmki – If you edit the user in Auth0, you can unblock the user with the Actions menu on the top right:

    https://www.dropbox.com/s/muv9phpf5dzs1ad/Screenshot%202018-11-26%2008.31.24.png?dl=0

    Thread Starter mmki

    (@mmki)

    @auth0josh the problem is that this user hasn’t been migrated yet. So there is no such user in Auth0 dashboard. He tries to log in with Auth0 for the first time, but he can’t because of this block.

    I’m a little confused … the error message talks about logins, which seems like they already have an account.

    Can you add this user in Auth0 and have them log in? Use a temporary password, then have them change it in WordPress to sync both accounts.

    Thread Starter mmki

    (@mmki)

    If I try to add him in Auth0 I get the message “the user already exists”. I checked the users list searching for him, I checked the records one by one and there is no such user for sure.

    That’s odd … if you go here:

    https://auth0.com/docs/api/management/v2#!/Users/get_users

    … add an API token for the Management API:

    https://auth0.com/docs/api/management/v2/get-access-tokens-for-test#get-access-tokens-manually

    … and list out all the users, do you see this user there?

    Thread Starter mmki

    (@mmki)

    Sorry for long response time.

    I do not see this user on the list.

    No problem!

    Are they still blocked from logging in? It’s possible that the account is stuck somehow but this seems like a common enough situation that if there was a core issue that it would come up more often.

    Last test … can you follow the steps above for the Management token and try to add them via API:

    https://auth0.com/docs/api/management/v2#!/Users/post_users

    You can search specifically for that email address by using the get users endpoint above and use this in the “q” field:

    
    email:"[email protected]"
    

    If you can paste the search and create responses here (should not have any sensitive information if there is an error), then I’ll put through a ticket on our end.

    Apologies for the trouble here!

    Thread Starter mmki

    (@mmki)

    Hi Josh,

    these are responses from the API:
    List or search users:

    
    REQUEST URL
    https://epid.eu.auth0.com/api/v2/users?q=email%3A%22[SENSITIV]
    RESPONSE CODE
    200
    RESPONSE BODY
    []
    RESPONSE HEADERS
    {
      "content-type": "application/json; charset=utf-8",
      "cache-control": "private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
    }
    

    Create a user POST

    
    REQUEST URL
    https://epid.eu.auth0.com/api/v2/users
    RESPONSE CODE
    409
    RESPONSE BODY
    {
      "statusCode": 409,
      "error": "Conflict",
      "message": "The user already exists.",
      "errorCode": "auth0_idp_error"
    }
    RESPONSE HEADERS
    {
      "content-type": "application/json; charset=utf-8",
      "cache-control": "private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0"
    }
    

    I finally managed to unblock the user using the API’s Unblock by identifier, passing the email.

    I checked that: to repeat that error you should try to log in with the wrong password at least 11 times.
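
The unblock-by-identifier call described in the post above, as an added example that is not part of the original thread or Auth0's own code. It assumes the Management API v2 `/user-blocks` endpoint with a `blocked_for` response list; the tenant domain, token and email are constructed placeholders, and the `opener` parameter is a hypothetical hook for testing.

```python
import json
import urllib.parse
import urllib.request


def user_blocks_request(tenant_domain, mgmt_token, identifier, method="GET"):
    """Build a Management API v2 /user-blocks request keyed by login identifier.

    GET lists active brute-force blocks and DELETE clears them. The identifier
    is the value typed at login (the email here), so the call works even when
    no user record is visible in the Auth0 users list.
    """
    if method not in ("GET", "DELETE"):
        raise ValueError("method must be GET or DELETE")
    # urlencode escapes '@' and '+'; an unescaped '+' would be read as a space.
    query = urllib.parse.urlencode({"identifier": identifier})
    url = f"https://{tenant_domain}/api/v2/user-blocks?{query}"
    # Assumed scopes on the token: read:users for GET, update:users for DELETE.
    return urllib.request.Request(
        url, method=method, headers={"Authorization": f"Bearer {mgmt_token}"}
    )


def blocked_ips(get_response_body):
    """Return the IPs listed in a GET /user-blocks response body.

    Assumed shape: {"blocked_for": [{"identifier": "...", "ip": "..."}]}
    """
    data = json.loads(get_response_body)
    return [entry.get("ip") for entry in data.get("blocked_for", [])]


def unblock(tenant_domain, mgmt_token, identifier, opener=urllib.request.urlopen):
    """List blocks for the identifier, clear them if present, return the IPs."""
    with opener(user_blocks_request(tenant_domain, mgmt_token, identifier)) as resp:
        ips = blocked_ips(resp.read())
    if ips:  # only issue the DELETE when a block is actually recorded
        req = user_blocks_request(tenant_domain, mgmt_token, identifier, "DELETE")
        with opener(req):
            pass
    return ips


if __name__ == "__main__":
    # Constructed placeholders; prints the request without sending it.
    req = user_blocks_request("TENANT.example.auth0.com", "MGMT_TOKEN",
                              "user+tag@example.com")
    print(req.get_method(), req.full_url)
```

Recording the returned IPs before clearing the block keeps a trace of where the failed attempts came from, which the dashboard log entry otherwise only shows per event.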

    Thread Starter mmki

    (@mmki)

    I should add that we have Anomaly Detection > Brute force protection turned on. But unlike what it says on the page, we did not receive any email notification.


The topic ‘Blocked Account’ is closed to new replies.