Use an invite code to bypass new user approval?

OMG indeed! I don’t know how it’s taken this long to explain this to you guys. It was a problem for me from my very first time using Discourse five years ago. I don’t know if I posted about it then, but I have seen this question a bunch of times since then. I needed it again for a client last fall and I didn’t bother to ask.

It’s great that this will get solved!


You didn’t address the topic at all, though.

In order to join any Discourse instance ever created, users must have an email address. How else can users create a Discourse account? Via passenger pigeon? Telegraph? Smoke signals? Fax machines? :bird:

This is explicitly about sites with “staff must approve all new users” set. It’s a really narrow condition, since I view the Discourse default in the wild as open user signup …

I’m sure that I’ve seen the exact example that Sam just described multiple times. You have a community that you want mostly private. You don’t know people’s email addresses,but have some other way to communicate with them.

I know I’ve used the example of wanting to invite people to join a private forum at a conference by sharing a URL and a code or password on a slide as an example.

Yes, it’s is an edge case.


Try re-reading the first post which mentions none of this.

Generally all you need to do is say “go to and sign up!”

This certainly addresses the OP, longer term we can make this per user if this takes off but for now a single code will do.


I cannot really support this unless the code grants the new user a free staff approval. Otherwise it feels a bit… insane and totally random?

1 Like

The idea is that this feature is used instead of staff approval. (it could be used if you also were concerned that lots of bots would request accounts, but that does seem unlikely)

Replace “username” in the OP with “invite token”. Does that make sense?

No, because the first post :arrow_up: in this topic was about users signing up with no email address at all.

How can such a user, with no email, ever reset their password, for example? Or even confirm their signup as valid?

I was the one who fixed the topic title, check edit history on that first post.

1 Like

That’s not the way I read it. It’s not that the users don’t have email addresses but that they have email addresses that I don’t have to be able to invite them.

1 Like

You don’t need their email addresses, just put the URL in front of them, via whatever means you are (somehow?) communicating with them?

I could see an invite code being seen as more personal which is good for community. It could also be associated with automatic group membership too for sites with premium sections.


Right but we already have personal invites which convey a TL bump when that person signs up:

I support this as a way of bypassing new user approval (for approval required sites) and maybe even granting special group membership but as a super suuuuper janky low-end form of http auth password… not so much? :thinking:

I can also support it as “generate a generic https link that will make the new user signup show up as as someone I invited” as well.

But as a form of weirdo old school 2001 “enter the sekrit HTTP username/pass to access this website” … I really just cannot support this, as stated. I’m sorry, but I can’t. That’d be going actively backwards.


But you don’t want everyone in the world who stumbles on the site to be able to register.

1 Like

Let’s merge the discussions to here Optional global invite code