You can now prevent end users from adding new or modifying existing email addresses, phone numbers, or usernames after they have signed up through the new Restrict changes toggle in the Clerk Dashboard. Navigate to the User & authentication page to enable.
Enabling this feature gives you the ability to have maximal control over the exact identifiers your end users can use to sign in to your application. If you'd like to control which identifiers are allowed at sign-up rather than locking them afterwards, see restrictions for allowlists, blocklists, and disposable email blocking.
With this setting enabled, your end users will still be able to view their identifiers in their User Profile, but will not be able to add, remove, or modify the respective identifier. For email addresses, this restriction extends to social connections: End users are prohibited from connecting an OAuth account that would otherwise add a new email address to their account.
Of course, you still have the ability to modify their end users' identifiers at any time on the Users page of the Clerk Dashboard or using our Backend API.
If you would like to have support for restricting end users from changing other attributes than email address, phone number, or username, please reach out to us to share this feedback.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。