cancel
Showing results for 
Search instead for 
Did you mean: 

SAP CDC / Is it possible to block on registration a list of emails' domain?

m_borrelli
Explorer
565

HI team,

is it possible to block a user who try to register with an email domain in blacklist?

For example, it would be useful to block all the @yopmail.com to avoid user with fake or temporary emails.

Thank you really much.  

View Entire Topic
Vrishabh
Explorer

Hi @m_borrelli,

You can address your requirement using SAP CDC's Extensions functionality. By leveraging the onBeforeAccountsRegister Extension point, you can initiate the flow just before account registration.

The hosted endpoint URL will receive a payload containing the user's profile and data fields. Here, you can implement a logic to identify whether the email domain is disposable or fake.

Additionally, you can return either "OK" or "FAIL" along with custom validation error messages, which will enhance the user experience by displaying these error messages in the UI.

Please refer to the links provided above for more information.

Thanks, and Regards,
Vrishabh.

KunalBansal
Active Contributor
0 Kudos

##tobedelete

KunalBansal
Active Contributor
0 Kudos

Hey @Vrishabh,
Thanks for the other alternative approach!
IMHO, The onBeforeAccountsRegister method needs custom-code, and may have performance concerns!
While Regesx/JS method is simpler to implement on UI level, using regular expressions or JavaScript for client-side validation without affecting performance.
FYI @m_borrelli 

Kunal

Vrishabh
Explorer

Hi @KunalBansal,

Thanks for highlighting this point. I agree with your points mentioned.
But I would also like to add more to this discussion 🙂

  • Hosted API with SAP CDC extensions with "onBeforeAccountsRegister" event.
    • It gives centralized control to Client to host the logic in one place making it easier to manage and update without changing front-end code.
    • As the logic is centralized it becomes highly scalable and can be controlled independently.
    • The logic is written server-side, which prevents users from bypassing the checks by manipulating the client-side code.
    • This can be best suited to write complex logics and handling various edge cases and different events.

  • Regex or Client-side JavaScript code.
    • It provides immediate feedback to users without network latency.
    • Easy to implement for simple validation rules.

Above mentioned are the advantages to both server-side and client-side methods. However, considering evolving client requirements, a long-term solution is recommended. While client-side validations are useful to an extent, increasing complexity can introduce performance issues. Server-side implementation, on the other hand, decouples code complexity, making the system more resilient and highly scalable. With advancements in infrastructure, API network latency has significantly decreased, making server-side solutions more viable.

cc: @m_borrelli