> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

> Learn about the Pre User Registration Flow, which runs when a user attempts to register through a Database or Passwordless connection. It can be used to add metadata to the user profile before it is created or to deny a registration.

# Pre-user Registration Trigger

The Pre-user Registration trigger runs before a user is added to a Database or <Tooltip tip="Passwordless: Form of authentication that does not rely on a password as the first factor." cta="View Glossary" href="/docs/glossary?term=Passwordless">Passwordless</Tooltip> Connection.

<Frame>
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/auth0/docs/images/cdy7uua7fh8z/2KtUcZhaBcT12GxjhBJZFG/9633b4454ac1c06c0deed6c97e70fe7d/pre-user-registration-flow.png" alt="Diagram showing the Actions Pre User Registration Flow." />
</Frame>

Actions in this flow are blocking (synchronous), which means they execute as part of a trigger's process and will prevent the rest of the Auth0 pipeline from running until the Action is complete.

## Triggers

### Pre-user Registration

The `pre-user-registration`  triggers runs when a user attempts to register through a Database or Passwordless connection. This trigger can be used to add metadata to the user profile before it is created or to deny a registration with custom logic.

<Warning>
  You cannot currently use `pre-user-registration` Actions to add metadata to passwordless users.
</Warning>

#### References

* [Event object](/docs/customize/actions/explore-triggers/signup-and-login-triggers/pre-user-registration-trigger/pre-user-registration-event-object): Provides contextual information about the request to register a new user.
* [API object](/docs/customize/actions/explore-triggers/signup-and-login-triggers/pre-user-registration-trigger/pre-user-registration-api-object): Provides methods for changing the behavior of the flow.

## Common use cases

### Deny registration by location

A pre-user registration Action can be used to prevent a user from signing up.

```javascript lines theme={null}
/**
 * @param {Event} event - Details about registration event.
 * @param {PreUserRegistrationAPI} api
 */
exports.onExecutePreUserRegistration = async (event, api) => {
  if (event.request.geoip.continentCode === "NA") {

    // localize the error message 
    const LOCALIZED_MESSAGES = {
      en: 'You are not allowed to register.',
      es: 'No tienes permitido registrarte.'
    };

    const userMessage = LOCALIZED_MESSAGES[event.request.language] || LOCALIZED_MESSAGES['en'];
    api.access.deny('no_signups_from_north_america', userMessage);
  }
};
```

### Set metadata in the user profile

A pre-user registration Action can be used to add metadata to the user profile before it is created.

<Warning>
  You cannot currently use `pre-user-registration` Actions to add metadata to passwordless users.
</Warning>

```javascript lines theme={null}
/**
 * @param {Event} event - Details about registration event.
 * @param {PreUserRegistrationAPI} api
 */
exports.onExecutePreUserRegistration = async (event, api) => {
  api.user.setUserMetadata("screen_name", "username");  
};
```

### Store a user ID from another system in the user profile

A pre-user registration Action can be used to store a user ID from another system in the user profile.

```javascript lines expandable theme={null}
const axios = require('axios');

const REQUEST_TIMEOUT = 2000; // Example timeout

/**
* Handler that will be called during the execution of a PreUserRegistration flow.
*
* @param {Event} event - Details about the context and user that is attempting to register.
* @param {PreUserRegistrationAPI} api - Interface whose methods can be used to change the behavior of the signup.
*/
exports.onExecutePreUserRegistration = async (event, api) => {
  try {
    // Set a secret USER_SERVICE_URL = 'https://yourservice.com'
    const remoteUser = await axios.get(event.secrets.USER_SERVICE_URL, {
      timeout: REQUEST_TIMEOUT,
      params: {
        email: event.user.email 
      }
    });

    if (remoteUser) {
      api.user.setAppMetadata('my-api-user-id', remoteUser.id); 
    }
  } catch (err) {
    api.validation.error('custom_error', 'Custom Error');
  }
};
```

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  To use an `npm` library like `axios`, you must add the library to the Action as a dependency. To learn more, read the "Add a dependency" section in [Write Your First Action](/docs/customize/actions/write-your-first-action).
</Callout>

### Deny access to specific JA3/JA4 fingerprints

The `event.security_context` object contains the JA3/JA4 fingerprint values for the current transaction.

```js lines theme={null}
exports.onExecutePreUserRegistration = async (event, api) => {
  const clientJa4 = event?.security_context?.ja4;
  console.log('[ACTION]', {clientJa4});
  const badFingerprints = ['t13d1517h2_8daaf6152771_b6f405a00624','t13d1516h2_8daaf6152771_d8a2da3f94cd'];
  if (clientJa4 && badFingerprints.includes(clientJa4)){
    api.access.deny('suspicious_tls_fingerprint', 'Your TLS fingerprint has been flagged as suspicious');
  }
};
```