Use an invite code to bypass new user approval?

currently users can invite others by adding their email directly in the invitation box.

it would be great and much simpler if one can use a simple invitation-name (e.g. the username of invitee) to join the forum. since this way people can even use the invitation credit out of the web (in real events e.g.).

imagine I’ve attended a workshop where I find lot’s of people related to our discussion forum, and I’d like to invite them. I need to get lot’s of emails and after the workshop I need to invite them one by one.

but this way I can easily give them my username and ask them to join the forum adding this name in the invitee field, so that they can start from a higher level.

what’s your idea?


You can also invite users by sharing the link in this dialog, have you tried that?


how will you do that if you don’t have my email?

steps are:

  1. you ask for my email,
  2. I pass it to you,
  3. you start the app,
  4. invite me using one of the invite buttons,
  5. I proceed with the sign up process.

while there can be less steps:

  1. you give me a name (Stephan),
  2. I start the app,
  3. I go to the signup panel and add your name there,

of course the second process is what happens most of the time, and only the link between people and the credit is missed.

So what’s the benefit of adding a username at signup? If the user is able to find the community and register, what do they gain by populating that extra field? Are you just looking to collect a list of people you’ve referred in? What’s the benefit to them?

Invites typically serve the following purposes:

  1. Bring a person to your community and direct them to a specific topic - just entering your username wouldn’t achieve that
  2. Bring a person to your private community and grant them access - this would defeat the security of private communities
  3. Bring a person to your public community and automatically add them to a group to see other things - see (2)

In those cases they receive an email that once they click the link gives them a frictionless sign-in, the email address is already verified so they either use the suggested username, or pick their own, then move on.

You significantly oversimplified what will be required of users in your example, they’re going to need to remember lots of additional information and complete several additional steps:

  • Where to browse
  • What to look for when they get there
  • Who referred them

Then they’ll need to manually register and validate their email address. If there are any groups or privacy involved there’s also additional administration steps on top.

They don’t just “start the app” - there is no app which magically routes users to particular discourse instances based on referrer username, usernames aren’t unique between instances. Adding an app at this stage just complicates matters - if it’s a site-specific app they’ll need to also know what it’s called and install it, if it isn’t and you’re just referring to the Discourse Hub they will still need to install that and provide a URL.

That doesn’t sound particularly user-friendly.

With the invite link you avoid a couple of those pain-points, the where, what and who is contained. If you don’t like the length and complexity of that URL and plan to re-use a single invite there are a ton of URL shortening options out there. I’ve done this a number of times myself, putting links in presentation decks, on hand-outs and other materials.

The above suggests you’ve not thought this through at all. Consider the benefits to the other party and how realistic it really is.


the benefit would be for them as well as invitee: some credit which results in their trust level (i.e. gamification).

this can only be meaningful if one can use his trust level somehow (to have extra access in the forum).

:+1: this is great, and can happen in the new scenario as well: once you give your invitation-name to me, if I use it in the sign up box, then I can skip the email verification step; because of your credit.

But that’s not verification, forum usernames are public. It will take seconds for spambots to realise that they can bypass the email verification field were that ever implemented.

Do you understand why email addresses need to be verified? If mail carriers such as Mailgun see many email bounces or receive spam reports for messages they will terminate the mail accounts of communities, cutting off email entirely. All because you don’t want to send or share an invite URL.


the invitation-key doesn’t need to be the username, it was just an example!

it can be a simple name which is unique per user.

you may have internet access all the time and you may know the email for all of your real world friends/colleague, not applicable to everywhere in the world.

So now it’s a fourth thing they need to remember?

You’re making remembering invite URLs sound easy in comparison :grin:

you can think of some variation of the invitee email which would be hard for spam-bots to guess. e.g. if your email is, then the invite code can be simply stephan.tester123!

everyone know their own email. don’t they?

Creating unique codes per-invite would require you to have internet access, no? If not then it’s something you can brute force.

It wouldn’t bypass the need to verify email, there is no substitute to sending an email to a mailbox and having the recipient follow a link or enter a received code, that’s why it’s still done everywhere.

a unique code per user name is enough, not per invite.

yes, I can see the problem with the verification email. the main idea was about being able to gamify the invites and use the credit, bypassing the email was just a suggestion coming up from the fruitful discussion, which is really not applicable.

I think what is misleading is the term “invite”.

All accounts need a username and a valid email address. Typically a member supplies these when they register.

It sounds like what you have in mind is more like a “pre-registration” where you supply the username and email address and they follow a link to activate the account.

I guess this could be done but I don’t know how things could be worked out to give you “invite” credit.

Isn’t this possible with bulk invites plugin @techAPJ?


Yes, that is correct.

@Pad_Pors I think this is closest to what you are looking for?

Using the above plugin you can simple hand out invite tokens to the people without needing to invite them manually.


cool thanks :+1: , just to understand it clearly: using the plugin:

  • admins can create several invitation-keys for users.
  • each key works for a particular email.

is it working like that?

though not necessary, I think one can think on a simpler routine where trusted-users can invite others and get the credit.

I agree with @Stephen that the invitation buttons are great, but at least in our community (which is still young) people prefer to use word of mouth rather than a button!

hey! there is a community here you will enjoy being part of!

now imagine this dialogue:

hey! there is a community here you will enjoy being part of. if you come, tell Samuel has introduced me! this way you’ll be trusted simpler from the beginning.

Yes, admin can create (generate) several invitation-keys (invite tokens).

No invite tokens are not linked/restricted to an email. While redeeming/accepting the invitation user has ability to provide email and choose username.


I followed the plugin discussion, and seems to me the plugin is not doing much in the favor of a simpler invitation process to be used in conference cases:

What this particular use case is reusable invites perhaps with a limited time frame. Then you could flash your url on a slide and people could copy it and do what you want.

The other solution is to allow users to request accounts, but that won’t give users credit for the invites.

OMG @codinghorror , I am needing this so much today.

I need to invite 50 people to a forum, I do not have their emails, I just want to share a code in a whatsapp group and have them all join.

As it stands there is absolutely no clean way of doing this. Since this is rather urgent for me I will hack something rudimentary up today.

I am thinking

requires approval : true
auto approve code : default empty, if anything on signeup user is prompted to enter approval code, if it matches, user is auto approved

This means I can share that 12345abc is the approval code to the forum on my whatsapp group and people can share within the circle. Once forum is seeded with enough users it can move to the more secure / controlled manner.

This is not about credit in my mind, far more about being able to semi securely seed a forum with lots of users quickly from another medium.


So this is about invite only / all users must be approved by staff sites? The title of this topic is badly broken if so, let me fix that now.

I don’t have any objection to this in terms of bypassing invite / approvals.