Single Domain Signups
If you wish to ensure that all users are part of the same organization, restricting signups to a single domain and verifying email addresses is a good pattern.
- Configure AuthN to validate emails and domains.
- Immediately lock the account after registration.
- Implement your email verification process.
- Unlock the account when the email verifies.
NOTE: If you also use account locking as a moderation action, be sure to control the email verification process enough that you can be confident someone will not be able to use it as a way to unlock their account unexpectedly.