From e1778513e44f0cfe8752a6868fbeb4c7b6bec908 Mon Sep 17 00:00:00 2001 From: Jeremy Lin Date: Sat, 18 Apr 2020 15:48:28 -0700 Subject: [PATCH] Updated Disable registration of new users (markdown) --- Disable-registration-of-new-users.md | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/Disable-registration-of-new-users.md b/Disable-registration-of-new-users.md index c125066..f4a73e6 100644 --- a/Disable-registration-of-new-users.md +++ b/Disable-registration-of-new-users.md @@ -1,4 +1,4 @@ -By default new users can register, if you want to disable that, set the `SIGNUPS_ALLOWED` env variable to `false`: +By default, anyone who can access your instance can register for a new account. To disable this, set the `SIGNUPS_ALLOWED` env variable to `false`: ```sh docker run -d --name bitwarden \ @@ -7,11 +7,20 @@ docker run -d --name bitwarden \ -p 80:80 \ bitwardenrs/server:latest ``` -Note: While users can't register on their own, they can still be invited by already registered users. See [[Disable invitations|disable-invitations]] if you also want to disable that. -You can also disable registration except for email addresses from certain domains. For example: +## Disabling organization invitations + +Even when `SIGNUPS_ALLOWED=false`, an existing user who is an organization owner or admin can still invite new users. If you want to disable this as well, see [[Disable invitations|disable-invitations]]. + +## Restricting registrations to certain email domains + +You can restrict registration to email addresses from certain domains by setting `SIGNUPS_DOMAINS_WHITELIST` accordingly. For example: * `SIGNUPS_DOMAINS_WHITELIST=example.com` (single domain) * `SIGNUPS_DOMAINS_WHITELIST=example.com,example.net,example.org` (multiple domains) -You still need to set `SIGNUPS_ALLOWED=false`. Also, see [#728](https://github.com/dani-garcia/bitwarden_rs/pull/728) for caveats -- in particular, the emails are currently not checked, meaning that anyone could still register, by providing a fake email address that has the proper domain. \ No newline at end of file +If `SIGNUPS_DOMAINS_WHITELIST` is set, then the value of `SIGNUPS_ALLOWED` is ignored. Also, see [#728](https://github.com/dani-garcia/bitwarden_rs/pull/728) for caveats -- in particular, the emails are currently not checked, meaning that anyone could still register, by providing a fake email address that has the proper domain. + +## Invitations via the admin page + +The bitwarden_rs admin can invite anyone via the [[admin page|Enabling-admin-page]], regardless of any of the restrictions above. \ No newline at end of file