Manage project access and invitations
This article explains how to make your project more secure by using invitation restrictions and domain-based access controls. These tools help control who can join your project, ensuring only authorized users have access.
Set up invitation restrictions
Make your project invitations more secure with these settings:
- Invitation expiration time: Decide how long each invitation stays valid.
- Domain restrictions: Allow invitations only for users with email addresses from specific domains.
Important
Only users with SSO Account Admin permissions can manage these settings.
Access the controls under Invitation settings.
- Go to Settings > Project settings.
- Click Security > Invitation settings.
Invitation expiration time
Set a specific time for how long an invitation stays valid. After this time ends, users can no longer accept the invitation. This helps reduce security risks from old or unused invitations.
Set up expiration time
- Go to Invitation settings.
- Find the option to set an expiration for the invitation.
- Under Expire after, set how long the invitation will be valid. You can select hours or days.
Expiration time limitations
- Maximum time: 180 days
- Minimum time: 1 hour
Domain restrictions
Restrict project invitations to users with email addresses from specific domains. This ensures only users from approved organizations can join the project.
Activate and edit domain restrictions
- Turn the Restrict invitation to specific domains toggle on.
- Enter up to 10 allowed domains (without the "@" symbol).
- Example: domain.com
You will see an error message if you try to invite users from domains that are not allowed.
Domain limitations
- Domain restrictions only apply to new invitations. Existing users are not affected.
- Domain limit: You can have a maximum of 10 allowed domains. To add a new domain after reaching this limit, you must delete an existing one.
- Default domains: You cannot remove domains Bloomreach owns:
- exponea.com
- bloomreach.com
Updated 13 days ago