diff options
| author | Robert Speicher <robert@gitlab.com> | 2017-02-08 20:47:38 +0000 |
|---|---|---|
| committer | Robert Speicher <robert@gitlab.com> | 2017-02-08 20:47:38 +0000 |
| commit | b28d66c38d95e779157e9f68f68e7ca3b0ba2521 (patch) | |
| tree | 7bdc9278cf5bbf63dd05f615cff98f0991bafd8c /doc | |
| parent | d01cd84e69999677b5cb0d4f03d140f33cfdc0f7 (diff) | |
| parent | d9ee55ee38eb75f57ce9d1052ed23965a93f72b7 (diff) | |
| download | gitlab-ce-b28d66c38d95e779157e9f68f68e7ca3b0ba2521.tar.gz | |
Merge branch 'bypass-whitelist-for-external-user' into 'master'
Bypass signup domain validation for external users
Closes #25279
See merge request !8575
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/user/admin_area/settings/sign_up_restrictions.md | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/doc/user/admin_area/settings/sign_up_restrictions.md b/doc/user/admin_area/settings/sign_up_restrictions.md index 4b540473a6e..603b826e7f2 100644 --- a/doc/user/admin_area/settings/sign_up_restrictions.md +++ b/doc/user/admin_area/settings/sign_up_restrictions.md @@ -1,5 +1,20 @@ # Sign-up restrictions +You can block email addresses of specific domains, or whitelist only some +specifc domains via the **Application Settings** in the Admin area. + +>**Note**: These restrictions are only applied during sign-up. An admin is +able to add add a user through the admin panel with a disallowed domain. Also +note that the users can change their email addresses after signup to +disallowed domains. + +## Whitelist email domains + +> [Introduced][ce-598] in GitLab 7.11.0 + +You can restrict users to only signup using email addresses matching the given +domains list. + ## Blacklist email domains > [Introduced][ce-5259] in GitLab 8.10. @@ -9,13 +24,16 @@ from creating an account on your GitLab server. This is particularly useful to prevent spam. Disposable email addresses are usually used by malicious users to create dummy accounts and spam issues. +## Settings + This feature can be activated via the **Application Settings** in the Admin area, and you have the option of entering the list manually, or uploading a file with the list. -The blacklist accepts wildcards, so you can use `*.test.com` to block every -`test.com` subdomain, or `*.io` to block all domains ending in `.io`. Domains -should be separated by a whitespace, semicolon, comma, or a new line. +Both whitelist and blacklist accept wildcards, so for example, you can use +`*.company.com` to accept every `company.com` subdomain, or `*.io` to block all +domains ending in `.io`. Domains should be separated by a whitespace, +semicolon, comma, or a new line.  |