DisposableGuard

WorkOS

import { WorkOS } from '@workos-inc/node';

const workos = new WorkOS(process.env.WORKOS_API_KEY);

async function isDisposable(email) {
  try {
    const r = await fetch(
      `https://api.disposableguard.com/v1/check?email=${encodeURIComponent(email)}`,
      { headers: { Authorization: `Bearer ${process.env.DG_KEY}` } }
    );
    if (!r.ok) return false;
    const data = await r.json();
    return data.is_disposable === true;
  } catch {
    return false;
  }
}

// In your auth callback:
app.get('/auth/callback', async (req, res) => {
  const { email } = req.query;

  if (await isDisposable(String(email))) {
    return res.status(400).send('Please use a real email address.');
  }

  // ...continue with WorkOS auth
});

Notes

Check the email before calling WorkOS authentication, or use a webhook to block after creation.