Error handling for inactive user use cases?

Hiriji · June 28, 2025, 7:13pm

Hi all,

I am using Directus for user management on my app. I’m building a custom email verification flow. What I’m struggling with is dealing with cases where the user account is not active. Ideally I want to catch that and recommend the verification email be resent etc.

What’s the best way to manage this? Is there not a way to return a better error from /auth/login for inactive accounts? It seems that any account status returns a 401 Invalid Credentials. I assume this is intentional, and perhaps based on a security concern I can’t see, but I’m not sure how else to handle this.

My alternative thinking was to set up a static token and check the user against their email prior to login… how are some of you guys handling this scenario?

Nik · June 29, 2025, 2:06am

I think you can handle this with a custom endpoint.

After a failed login hit the custom endpoint passing the email and query if there is an account and if it needs verification. Endpoint then either might return the status for user interaction or immediately trigger a resend.

Not sure tho, how to exactly handle the resend. According to this comment, reregistering the user should send another verification mail. Not sure if this is also true when registering through the API.

Topic		Replies	Views
AuthenticationService.login error Help	2	43	May 6, 2025
Directus SDK registerUser returning `null` with already existing email Help	0	4	July 12, 2025
Number of login authentication attempts Help	1	19	June 14, 2025
Refresh token endpoint returning invalid credentials Help	0	24	June 17, 2025
Refresh Token not received on login Help	2	42	June 20, 2025

Error handling for inactive user use cases?

Related topics