Add option to disable public signup while preserving invitation flow

[fabienfleureau]

Description

Add the ability to disable user self-registration (signup) through an environment variable. When disabled, the signup endpoint should return a 403 Forbidden response and the signup UI should be hidden or show an appropriate message.

Use Case

This feature is useful for:

• Private/internal deployments where only invited users should have access
• Controlled onboarding where administrators want to manually create accounts or use invitation-only flows
• Security hardening to prevent unauthorized account creation during sensitive periods
• Enterprise deployments where user provisioning is handled through SSO or external identity providers

Proposed Solution

Add a SIGNUP_ENABLED environment variable that controls whether self-registration is allowed

[cteyton]

Hi @fabienfleureau
Thanks for suggesting this.

So, would your journey be like:

• Creating your first user and organization
• Disallow each new self-serve account creation then and control registrations manually?

[fabienfleureau]

Hello Cédric, Yes exactly, or having a sort of first root user created at first start (with credentials in log for ex)

[cteyton]

Thanks, got it!