[keycloak-user] Blacklisting/whitelisting of domains for email entered during user registration

[Vlastimil Elias]

Hi,

Is there this feature (i was not able to find it) in Keycloak or is it 
planned (I was not able to find it in JIRA)?

It is extremely useful (mainly blacklisting) in some cases. Eg. 
yesterday we fought spammers in one of our public systems. Spammers 
registered lots of new users using disposable email service and then 
used them to create spam content. We blacklisted domains used by the 
disposable email service from registration, which stopped spammers 
immediately.
We do not use Keycloak there yet, but maybe in future. Current system we 
use has blacklisting available OOTB.

Registration email whitelisting may be useful if you create service for 
eg. your employees only, and want them to register there with company 
emails only.

I think it should be possible to add new step into "Registration" flow 
to perform this blacklisting, we can do it yourself probably, but it 
should be cool to have this very useful feature present in the Keycloak 
out of the box.

WDYT about this feature, can I create jira feature request for it?

Vlastimil

-- 
Vlastimil Elias
Principal Software Engineer
Developer Portal Engineering Team