- Disable new signups
- Require email confirmation
- Minimum password length limit
- Allowlist email domains
- Denylist email domains
You can use sign-up restrictions to:
- Disable new sign-ups.
- Require user email confirmation.
- Denylist or allowlist email addresses belonging to specific domains.
When this setting is enabled, any user visiting your GitLab domain will be able to sign up for an account.
You can restrict new users from signing up by themselves for an account in your instance by disabling this setting.
For customers running public-facing GitLab instances, we highly recommend that you consider disabling new sign-ups if you do not expect public users to sign up for an account.
You can send confirmation emails during sign-up and require that users confirm their email address before they are allowed to sign in.
Introduced in GitLab 12.6
You can change the minimum number of characters a user must have in their password using the GitLab UI.
Introduced in GitLab 7.11.0
You can restrict users only to sign up using email addresses matching the given domains list.
Introduced in GitLab 8.10.
With this feature enabled, you can block email addresses of a specific domain from creating an account on your GitLab server. This is particularly useful to prevent malicious users from creating spam accounts with disposable email addresses.
To access this feature:
- Navigate to the Admin Area > Settings > General.
- Expand the Sign-up restrictions section.
For the denylist, you can enter the list manually or upload a
.txt file that
contains list entries.
For the allowlist, you must enter the list manually.
Both the allowlist and denylist accept wildcards. For example, you can use
*.company.com to accept every
company.com subdomain, or
*.io to block all
domains ending in
.io. Domains should be separated by a whitespace,
semicolon, comma, or a new line.