Updated Disable registration of new users (markdown)

Jeremy Lin 2020-04-18 15:48:28 -07:00
parent 9f052ccafd
commit e1778513e4
1 changed files with 13 additions and 4 deletions

@ -1,4 +1,4 @@
By default new users can register, if you want to disable that, set the `SIGNUPS_ALLOWED` env variable to `false`: By default, anyone who can access your instance can register for a new account. To disable this, set the `SIGNUPS_ALLOWED` env variable to `false`:
```sh ```sh
docker run -d --name bitwarden \ docker run -d --name bitwarden \
@ -7,11 +7,20 @@ docker run -d --name bitwarden \
-p 80:80 \ -p 80:80 \
bitwardenrs/server:latest bitwardenrs/server:latest
``` ```
Note: While users can't register on their own, they can still be invited by already registered users. See [[Disable invitations|disable-invitations]] if you also want to disable that.
You can also disable registration except for email addresses from certain domains. For example: ## Disabling organization invitations
Even when `SIGNUPS_ALLOWED=false`, an existing user who is an organization owner or admin can still invite new users. If you want to disable this as well, see [[Disable invitations|disable-invitations]].
## Restricting registrations to certain email domains
You can restrict registration to email addresses from certain domains by setting `SIGNUPS_DOMAINS_WHITELIST` accordingly. For example:
* `SIGNUPS_DOMAINS_WHITELIST=example.com` (single domain) * `SIGNUPS_DOMAINS_WHITELIST=example.com` (single domain)
* `SIGNUPS_DOMAINS_WHITELIST=example.com,example.net,example.org` (multiple domains) * `SIGNUPS_DOMAINS_WHITELIST=example.com,example.net,example.org` (multiple domains)
You still need to set `SIGNUPS_ALLOWED=false`. Also, see [#728](https://github.com/dani-garcia/bitwarden_rs/pull/728) for caveats -- in particular, the emails are currently not checked, meaning that anyone could still register, by providing a fake email address that has the proper domain. If `SIGNUPS_DOMAINS_WHITELIST` is set, then the value of `SIGNUPS_ALLOWED` is ignored. Also, see [#728](https://github.com/dani-garcia/bitwarden_rs/pull/728) for caveats -- in particular, the emails are currently not checked, meaning that anyone could still register, by providing a fake email address that has the proper domain.
## Invitations via the admin page
The bitwarden_rs admin can invite anyone via the [[admin page|Enabling-admin-page]], regardless of any of the restrictions above.