Private discourse - read/write access for authorized users only possible?


I’d like to limit read/write access to my discourse site to a limited set of possible users. John Q Public shall neither have read nor write access to any of our discussions. Is there a way to realize this?

I may be able to get a list of the allowed users’ email addresses. Alternatively, I could send out the website information to the allowed users, trusting them not to share this with others. Perhaps there are other ways to limit accessibility?

I write code for embedded computing, but am a beginner on the systems admin side, fwiw.

Grateful for any help -


1 Like

Here are a few site settings that you might find useful

  • invite only: Public registration is disabled, all new users must be explicitly invited by other members or staff.
  • login required: Require authentication to read content on this site, disallow anonymous access.
  • must approve users: Staff must approve all new user accounts before they are allowed to access the site.

Thank you - that is very helpful.

How do I set the password/user name then, please? A generic username would be fine.

Just invite the users you want to have access to your Discourse using their email address and they’ll do the rest (choose their username and password)


Ah, that is wonderfully simple. Thank you!

Another site setting that might be of interest is email domains whitelist – this allows you to restrict the domains of e-mail addresses that can sign up to the site. Can be handy if you want (for instance) a company-internal site, where everyone is guaranteed to have a company-provided e-mail address.


How about allowing all users to read content in public categories, but only allow users who have logged in to update/post? Would the “login required” setting turned off work for that? I want updates restricted, but not reads. Thanks for your response!

1 Like

Have a look at the security options on categories, you can set a category to “read”, if you want any content to be visible to anonymous “login required” is not an option you would use, instead you would lean on category permissions.

Apologies, closing this cause the original question here was answered!