Missed DevDay24? Register for the Best of DevDay

Custom Policies Acceptance Template

"Custom Policies Acceptance Template"

About this template

You can use this template to gather user consent by displaying custom policies to your users whenever they create an account or the next time they log in for any user who already had an account before you published and deployed this form.

This "Custom Policies Acceptance" template includes:

  1. A form step that displays the policies with a legal field that needs to be marked by the user.
  2. Once the user accepts the policies, we will update the app metadata to store the consent with a timestamp and resume the authentication flow.

How to configure this template

Visit the Auth0 Dashboard and then open the Forms Dashboard by clicking the Actions > Forms option from the sidebar. Once there, click the "Create form" button.

You have two options for creating this form: you can use a template or import a JSON file.

Use a template

  1. Click the "Use a template" option in the "Create form" modal.
  2. Click the "Custom policies acceptance" template.
  3. Click the "Continue" button to customize the template to fit your use case.

Import a JSON file

  1. Download the template JSON file.
  2. Click the link to import a JSON file at the bottom of the "Create form" modal.
  3. Either drag and drop the JSON file you downloaded or browse to its location and upload it.
  4. Provide a name to your form and its flow if the default values are not fitting.
  5. Click the "Continue" button to customize the template to fit your use case.

How to use this form

You can render a form with an Action using the api.prompt.render() method, which takes the form ID as an argument.

There are different ways in which you can find your form ID:

  • On the Forms Dashboard home page, you can see a list of your existing forms. Each entry includes a "Title" and "Form ID" field, which you can copy.
  • If you are using the Form Editor in the Forms Dashboard:
    • Click the "Render" tab to see the sample code that contains the FORM_ID value.
    • Alternatively, you can inspect the URL which follows this pattern:
https://forms.auth0.com/tenants/<REGION>/<TENANT>/forms/<FORM_ID>/render

Once you have located your Form ID, copy and paste it in the following field so that any code snippet that uses such value updates to reflect it:

It's best to render the "Custom Policies Acceptance" form during the login flow. As such, you need to create a Login Action to render it by following these steps:

  1. Visit the "Flows" section of the Auth0 Dashboard and select the "Login" flow.
  2. Locate the "Add Action" panel in the "Login" flow board and click the + icon button.
  3. Select the "Build from scratch" option.
  4. Provide a name to your Action and click the "Create" button.
Action name
Custom Policies Acceptance
  1. Replace the default code in the Actions editor with the following code:
    • Note: Ensure that you replace the AUTH0_FORM_ID placeholder with your form ID.
Action
/**
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onExecutePostLogin = async (event, api) => {
  const FORM_ID = 'AUTH0_FORM_ID';
  
  if (!event.user.app_metadata.privacy_policies) {
    api.prompt.render(FORM_ID);
  }
}


/**
* @param {Event} event - Details about the user and the context in which they are logging in.
* @param {PostLoginAPI} api - Interface whose methods can be used to change the behavior of the login.
*/
exports.onContinuePostLogin = async (event, api) => {}
  1. Click the "Deploy" button.
  2. Next, click on the "Add to flow" link in the toast message that comes up, or click on the "Back to flow" link to return to the "Login" flow board.
  3. Locate the "Add Action" panel in the "Login" flow board, click the Custom tab and drag-and-drop the "Custom Policies Acceptance" Action between the "Start" and "Complete" states in the board.
  4. Finally, click the "Apply" button in the top-right corner.

Now, when any user attempts to log in, and their event.user.app_metadata object does not have a privacy_policies property defined, this Action will render your "Custom Policies Acceptance" form and require the user to accept the privacy policies you have set for your product or service before they can complete their login flow.

"Custom Policies Acceptance Form"