Scalekit now supports configurable sign-up restrictions to control who can create accounts or be invited to organizations. Block disposable email addresses and generic public domains to maintain data quality and prevent misuse.
Why it matters
Open sign-up policies can lead to several issues:
- Low-quality accounts from disposable email services that create temporary addresses
- Generic domain registrations from Gmail, Outlook, or Yahoo that don't represent legitimate business users
- Spam and abuse from users who create accounts with no intention of genuine use
- Data integrity problems when temporary or fake email addresses fill your user base
For B2B applications especially, ensuring users sign up with legitimate business email addresses helps maintain data quality, improves user engagement metrics, and reduces support overhead from throwaway accounts.
How it works
Sign-up restrictions are enforced at two critical points:
New Organization Creation
When users attempt to sign up and create a new organization, Scalekit validates their email domain against your restriction settings before allowing account creation.
User Invitations
When existing organization members invite new users, the invitation process checks the invitee's email domain against restriction rules before sending the invitation.
Restrictions apply uniformly—users with blocked domains cannot sign up to create organizations or be invited to existing organizations.
.png)
What's included
Disposable Email Blocking
Block temporary email services like 10minutemail, guerrillamail, and similar disposable domain providers. Prevents users from creating throwaway accounts that disappear after temporary periods.
Public Domain Restrictions
Block registrations from generic consumer email providers like Gmail, Outlook, Yahoo, and Hotmail. Ensures only users with business or organizational email addresses can access your application.
Dashboard Configuration
Simple toggle controls in the Scalekit dashboard under Authentication > General. Enable or disable each restriction type independently based on your needs.
Universal Enforcement
Restrictions apply across all authentication methods—whether users sign up via passwordless, social login, or enterprise SSO. No configuration needed per method.
Real-time Validation
Email domains are validated immediately during sign-up and invitation flows, providing instant feedback to users if their email is restricted.
Use cases
Ensure professional user base
Only business users with company email addresses can create organizations, maintaining data quality.
Comply with security policies
Block disposable emails to meet requirements for verified, permanent email addresses.
Prevent trial abuse
Stop users from creating multiple accounts with disposable emails to circumvent usage limits.
Maintain community quality
Restrict invitations to verified business domains only.
Configuration
Navigate to Authentication > General in your Scalekit dashboard and toggle the following options:
- Block disposable email domains: Prevents sign-ups and invitations from temporary email services
- Block public email domains: Restricts registrations from Gmail, Outlook, Yahoo, and similar consumer services
Click Save to apply your restrictions. Changes take effect immediately for all new sign-ups and invitations.
Get started
Sign-up restrictions are available now for all Scalekit customers:
- Configure in your dashboard
- View full documentation
- Contact support for questions about restriction policies
