Application Settings
:::info Coming Soon This feature is under active development. The design below reflects our planned implementation. :::
Each application in Aero2 will have configurable settings that control authentication behavior, security policies, and access control.
Planned Settings
Signup Mode
Control who can create accounts in your application:
| Mode | Behavior |
|---|---|
| Open | Anyone can register for an account |
| Invite only | New users must be invited by an admin or existing member |
| Restricted | Only users with email addresses matching an allowed domain list can register |
MFA Policy
Set the multi-factor authentication requirement for your application:
| Policy | Behavior |
|---|---|
| Off (default) | MFA is not available |
| Optional | Users can enable MFA for their own accounts |
| Required | All users must configure MFA before they can sign in |
Session TTL
Configure how long user sessions last before they expire.
Allowed Email Domains
Restrict account registration to specific email domains. For example, only allow @yourcompany.com addresses to sign up.
Blocked Email Domains
Block registrations from specific email domains. Commonly used to block disposable email providers (e.g., mailinator.com, tempmail.com).
Authentication Methods
Control which authentication methods are enabled for your application:
| Method | Description |
|---|---|
| Social login | Sign in with OAuth/OIDC providers |
| Password | Email and password authentication |
| Magic link | Passwordless email sign-in |
| Passkey | WebAuthn/biometric authentication |
You can enable multiple methods simultaneously. At least one method must be enabled at all times.