Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/partials/auth-security.md
Original file line number Diff line number Diff line change
Expand Up @@ -68,9 +68,9 @@ Disallowing personal data can be enabled in the Auth service's **Security** tab

# Email policies {% #email-policies %}

Email policies let you restrict which email addresses can sign up for your project. You can independently block free email providers, aliased addresses, and disposable email services to keep throwaway accounts, signup spam, and bot registrations out of your user base. Policies run at sign-up and on email updates, and existing users can still sign in even if their address would not pass the current policy.
Email policies are currently available on Appwrite Cloud only. They let you restrict which email addresses can sign up for your project. You can independently block free email providers, aliased addresses, and disposable email services to keep throwaway accounts, signup spam, and bot registrations out of your user base. Policies run at sign-up and on email updates, and existing users can still sign in even if their address would not pass the current policy.

Email policies can be enabled in the Auth service's **Security** tab on the Appwrite Console, or programmatically through the Project service. Learn more in the [Email policies](/docs/products/auth/email-policies) docs.
On Appwrite Cloud, email policies can be enabled in the Auth service's **Security** tab on the Appwrite Console, or programmatically through the Project service. Learn more in the [Email policies](/docs/products/auth/email-policies) docs.

# Session alerts {% #session-alerts %}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Learn more about rate limits
{% /arrow_link %}

# Email policies {% #email-policies %}
Email policies let you block sign-ups and email updates from free, aliased, or disposable email providers. This helps keep throwaway accounts, signup spam, and bot registrations out of your project before they reach your authentication and rate-limit layers. Policies run at sign-up time and on email updates, and do not affect existing sessions.
Email policies are currently available on Appwrite Cloud only. They let you block sign-ups and email updates from free, aliased, or disposable email providers. This helps keep throwaway accounts, signup spam, and bot registrations out of your project before they reach your authentication and rate-limit layers. Policies run at sign-up time and on email updates, and do not affect existing sessions.

{% arrow_link href="/docs/products/auth/email-policies" %}
Learn more about email policies
Expand Down
3 changes: 1 addition & 2 deletions src/routes/docs/products/auth/accounts/+page.markdoc
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ You can signup and login a user with an account create through
[OAuth 2](/docs/products/auth/oauth2)
authentication.

To control which email addresses can sign up, enable [email policies](/docs/products/auth/email-policies) to block free, aliased, or disposable email providers.
On Appwrite Cloud, you can use [email policies](/docs/products/auth/email-policies) to block sign-ups from free, aliased, or disposable email providers.

# Permissions {% #permissions %}

Expand All @@ -37,4 +37,3 @@ individual users using the `Role.user(<USER_ID>, <STATUS>)` role.
Learn more about permissions
{% /arrow_link %}


2 changes: 1 addition & 1 deletion src/routes/docs/products/auth/email-password/+page.markdoc
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ title: Email and password login
description: Implement email and password authentication with Appwrite. Securely register and authenticate users in your applications using Appwrite's robust email-based authentication system.
---

Email and password login is the most commonly used authentication method. Appwrite Authentication promotes a safer internet by providing secure APIs and promoting better password choices to end users. Appwrite supports added security features like password strength requirements, blocking personal info in passwords, password dictionary, and password history to help users choose good passwords. You can also restrict which addresses can sign up by enabling [email policies](/docs/products/auth/email-policies) to block free, aliased, or disposable email providers.
Email and password login is the most commonly used authentication method. Appwrite Authentication promotes a safer internet by providing secure APIs and promoting better password choices to end users. Appwrite supports added security features like password strength requirements, blocking personal info in passwords, password dictionary, and password history to help users choose good passwords. On Appwrite Cloud, you can also restrict which addresses can sign up by enabling [email policies](/docs/products/auth/email-policies) to block free, aliased, or disposable email providers.

# Signup {% #sign-up %}

Expand Down
10 changes: 7 additions & 3 deletions src/routes/docs/products/auth/email-policies/+page.markdoc
Original file line number Diff line number Diff line change
@@ -1,10 +1,14 @@
---
layout: article
title: Email policies
description: Control which email addresses can sign up for your Appwrite project by blocking free, aliased, or disposable email providers from the Console or Project API.
description: On Appwrite Cloud, control which email addresses can sign up for your Appwrite project by blocking free, aliased, or disposable email providers from the Console or Project API.
---

Email policies let you restrict which email addresses can be used for user creation and email updates on a project. Each policy is an independent toggle that runs at sign-up time and when an existing user changes their email. Policies do not affect session creation, so existing users can still sign in if their address would not pass the current policy.
Email policies are currently available on Appwrite Cloud only. They let you restrict which email addresses can be used for user creation and email updates on a project. Each policy is an independent toggle that runs at sign-up time and when an existing user changes their email. Policies do not affect session creation, so existing users can still sign in if their address would not pass the current policy.

{% info title="Availability" %}
Email policies are not available in self-hosted Appwrite deployments. In self-hosted projects, the Appwrite Console does not show the email-policy controls.
{% /info %}
Comment on lines +9 to +11

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 The callout's second sentence narrows the "not available" statement to only the Console UI, which could lead a self-hosted developer to assume that the Project service API calls still work on their instance. Since the feature is entirely absent from self-hosted deployments, mentioning both surfaces avoids that confusion.

Suggested change
{% info title="Availability" %}
Email policies are not available in self-hosted Appwrite deployments. In self-hosted projects, the Appwrite Console does not show the email-policy controls.
{% /info %}
{% info title="Availability" %}
Email policies are not available in self-hosted Appwrite deployments. In self-hosted projects, the Appwrite Console does not show the email-policy controls, and the Project service API calls for email policies are not supported.
{% /info %}

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!


Three policies are available:

Expand All @@ -14,7 +18,7 @@ Three policies are available:
| Deny aliased emails | Addresses with aliases, tags, subaddresses, or any provider-specific variation | `user+folder1@gmail.com` |
| Deny disposable emails | Temporary and disposable email providers | `alex9734@mailinator.com` |

Policies can be configured from the Appwrite Console or programmatically through any server SDK using the Project service.
On Appwrite Cloud, policies can be configured from the Appwrite Console or programmatically through any server SDK using the Project service.

# Manage from the Console {% #manage-console %}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ The Project service allows you to manage all the core settings and resources of

Register new client platforms such as [Web](/docs/references/1.9.x/server-nodejs/project#createWebPlatform), [Apple](/docs/references/1.9.x/server-nodejs/project#createApplePlatform), and [Android](/docs/references/1.9.x/server-nodejs/project#createAndroidPlatform) so your applications can securely communicate with the Appwrite API. Create, update, and revoke [API keys](/docs/references/1.9.x/server-nodejs/project#createKey) to control server-to-server access with the exact scopes your integrations need.

This service also lets you manage [project variables](/docs/references/1.9.x/server-nodejs/project#createVariable) that are available to all your functions and sites, and update email-handling preferences such as disposable, free, and canonical email policies for your project.
This service also lets you manage [project variables](/docs/references/1.9.x/server-nodejs/project#createVariable) that are available to all your functions and sites. On Appwrite Cloud, it can also update email-handling preferences such as disposable, free, and canonical email policies for your project.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 The pronoun "it" in the new sentence could be read as referring to "Appwrite Cloud" rather than "the Project service". Making the subject explicit keeps the sentence unambiguous for readers landing on the API reference directly.

Suggested change
This service also lets you manage [project variables](/docs/references/1.9.x/server-nodejs/project#createVariable) that are available to all your functions and sites. On Appwrite Cloud, it can also update email-handling preferences such as disposable, free, and canonical email policies for your project.
This service also lets you manage [project variables](/docs/references/1.9.x/server-nodejs/project#createVariable) that are available to all your functions and sites. On Appwrite Cloud, the Project service can also update email-handling preferences such as disposable, free, and canonical email policies for your project.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Loading