Last updated

Domain restriction (user sign-up)

To enhance control over user activity in your app, Frontegg offers account domain restriction within your environment settings, allowing you to either allow or block user sign-ups when users belonging to specific domains try to access your app. This option becomes especially useful if you want to fine-tune user traffic by allowing or restricting users from accessing it.


domain-restriction-1

Use cases

Suppose you aim to enhance user control in your application by implementing Frontegg's domain restriction feature. By enabling this functionality, you can regulate user sign-ups based on specific domain criteria.

Within your environment settings, navigate to your Domain tab, and in Account sign-up restrictions, choose whether to Deny (specific domains), Allow (specific domains), or Deny public domain. The administrator can then input the domains from which users can sign up. For example, @xyzcorporation.com and @partnercompany.com. With domain restrictions enabled, users attempting to sign up with email addresses outside the specified domains are notified that their sign-up is restricted.

Feature highlights

Domain restriction offers the following finely-grained options:

  • Deny only - Users belonging to domains in this list are blocked from signing up.
  • Allow only - Users belonging to domains in this list are the only ones allowed to sign up for an account in this environment (see note).
  • Deny public domain - Users with emails from public domains (e.g., Gmail, Yahoo) are restricted from signing up to this environment.

Environment-specific settings

Note that account sign-up settings are not applied across all of your environments when enabled in one of them. You need to apply these settings separately to initiate them in specific environments.

Account sign-up restrictions setup

To set account restrictions by domain, go to [ENVIRONMENT] → Configurations → Keys & domains → Domains → Account sign-up restrictions. Here, you can either Deny domains, Allow domains, or Deny all public domain emails.

domain-restriction-2

Domain restriction via API

Check out our API Reference to perform domain restriction via API.