The User Policies module defines organization-wide rules for user registration, default access roles, and password security standards. These policies ensure that platform access remains secure, controlled, and aligned with company governance practices.
1. User Registration Settings #
These settings control how new users can join the platform.
| Setting | Purpose |
|---|---|
| Allow Public User Registration | Enables open sign-up without admin invitation |
| Require Email Verification | Ensures users confirm ownership of their email before activation |
| Require Admin Approval | New accounts stay inactive until approved by an administrator |
🔐 Recommended for Enterprise #
Enable email verification and admin approval to prevent unauthorized access.
2. Default Role Settings #
These settings determine the permissions automatically assigned to new users.
| Setting | Value | Description |
|---|---|---|
| Default User Role | Reader | New users receive read-only access unless changed |
| Max Users Per Project | 100 | Limits the number of users assigned to a single project |
💡 Why This Matters #
- Prevents accidental over-permissioning
- Maintains structured collaboration
- Helps manage licensing and performance
3. Password Policy #
Strong password rules protect accounts from unauthorized access.
| Requirement | Value |
|---|---|
| Minimum Length | 8 characters |
| Maximum Age | 90 days (0 = no expiration) |
| Uppercase Required | Yes |
| Lowercase Required | Yes |
| Number Required | Yes |
| Special Character Required | Yes |
🔒 Security Notice #
These rules apply to all users and help meet common compliance standards such as ISO, SOC 2, and enterprise IT security policies.
System Actions #
| Action | Purpose |
|---|---|
| Reset to Defaults | Restores original policy settings |
| Save Settings | Applies changes across the platform |
Best Practices #
- Use admin approval in production environments
- Keep password expiry between 60–90 days
- Assign Reader or least-privilege roles by default
- Regularly review user access and remove inactive accounts
Summary #
The User Policies module ensures controlled onboarding, structured role management, and strong password enforcement. Proper configuration protects your platform while enabling secure collaboration across teams.
