How to set up invitation-only sign-up in Logto

Invitation-only sign-up is a common use case. It enhances exclusivity and security while potentially boosting engagement and retention for early-stage products.

In this blog, we’ll explain what invitation-only sign-up is, the requirements for setting it up, and how to flexibly use Logto to achieve your goal.

Common scenarios for invitation-only sign-up#

Invitation-only sign-up is commonly used in scenarios like:

1. Stealth mode launches: Early access to a new product or service for selected users.
2. Beta testing: Controlling who can try out and provide feedback on a product before a full release.
3. Exclusive communities: Limiting access to members who receive an invitation, such as professional networks or private forums or internal systems.
4. High-demand events: Managing limited access to events, courses, or special offers.

These scenarios help create exclusivity and ensure a controlled rollout.

Requirements overview#

Let’s break down the technical requirements into simple bullet points:

1. Sign-up should be restricted to invited users only. The general public can only sign in, not sign up.
2. Developers should have a list of emails to send invitations to.
3. Users will receive and use these invitations to access the app.
4. Users must reset their password when they first sign in.

Logto offers flexible features to meet these needs. Let’s explore how to set it up.

Recipe#

Key Logto features for invitation-only sign-up#

To implement an invitation-only sign-up process in Logto, you can utilize the following features:

Turn off sign-up in the Sign-in experience settings#

Since users can’t sign up themselves and can only register, go to the Sign-in Experience settings, click on the Sign-In & Sign-Up tab, and find the Advanced Options section. The default setting is on. Turn it off so users will only see the sign-in page.

Admins can create user accounts using email and generate temporary passwords#

You have a list of user emails and want to invite them to sign up. While Logto doesn’t offer a built-in invitation feature, you can create user accounts manually through the console or use the Management API to handle bulk account creation.

Manual user creation#

If you have only a few pre-listed users, you can create their accounts directly in the admin console. Users can then sign in with their email and use the “Forgot Your Password” option to set their own password.

Programmatic invitations#

If you want to make this process more programmatic, you can automate sending invitations and welcome emails to a list of user emails.

Use the Logto Management API to create multiple user accounts in bulk#

Set up a machine-to-machine app, you can first leverage Logto management API to enable bulk user creation.

Use webhook to automatically send the welcome invitation email#

You can send welcome emails by calling your mail server API from your own server. Since it doesn’t require a verification code, you should be able to fetch all the necessary information (such as the user’s name) and customize the email content accordingly. Along with the webhook your email service will be triggered through a webhook upon User.Created event to make this process more automatic.

Use the Login Hint feature to automatically trigger the password reset flow, prompting users to change their password and sign in#

The login_hint parameter, defined in the standard OpenID Connect specification, is used to pre-populate the sign-in form with the user's identifier (such as an email or username). With Logto, it can be combined with other sign-in screen parameters to enhance the user experience.

For example, pre-filling the email address field with the user's email in the sign-in form:

Summary#

This guide provides high-level guidance and highlights key Logto features to implement an invitation-only sign-up flow. It cleverly combines multiple features to create a seamless, end-to-end experience.