Page MenuHomePhabricator

How do we get 500 devs invited to an instance (with or without invites)?
Closed, ResolvedPublic


We've got ~500 engineers. Only a few are admins. We'd like anyone to be able to invite anyone else to use Phabricator. Currently, sending invites seems to be limited to instance Admins. How do we change that?

Really, I'd just like anyone in our domain to be able to access the instance. I poked some options that seem to restrict it to verified email addresses, but that doesn't let anyone actually get into the instance.


Revisions and Commits

Restricted Differential Revision

Event Timeline

This isn't currently supported, but I think it's reasonable to implement. Behavior would roughly be something like this:

  • An instance administrator adds a whitelisted mail domain to the instance (
  • We probably need to approve these? Or maybe you just have to get us to do it on your behalf for now? Seems potentially bad if someone adds as a whitelisted domain -- this wouldn't actually do anything bad, but could be pretty confusing for new users.
  • Anyone who verifies an account at the domain is automatically added to the instance as a member.

Does that sound roughly like what you're after?

Yep, that sounds pretty much perfect.

Is there any workaround I could do with invites right now? Like a multi-use invite link?

There isn't really much of a workaround available at the moment, but I think we can get the feature deployed in some reasonable form by later today.

That would be awesome! I've shown Phabricator (Differential specifically) to a few people and used it for some changes. They've basically gone crazy about how awesome it is (they've only known github PRs). I'd like to have them start spreading the word virally in the org without me. Something like a multi-use invite link would work well for that, although are certainly other approaches. Thanks!

epriestley added a revision: Restricted Differential Revision.Aug 31 2015, 6:57 PM
epriestley added a commit: Restricted Diffusion Commit.Aug 31 2015, 7:05 PM

This is now deployed to the cluster and I've updated the configuration for your instance. You should be able to see the domain on your instance page, and the configuration change in the transaction log in case I spelled it wrong or something silly like that.

Here's how it works for now:

  • Currently, we (Phacility) have to edit the domains associated with your instance for you, so let us know if you want more/different domains. We could make this user-editable eventually, I just want to avoid someone adding by mistake or because they are very clever.
  • When a user verifies an email address at a domain associated with your instance, they should automatically be invited to the instance. In particular, it will appear on their homepage console and logins will work.

Because we don't require verification to browse, the login workflow isn't as smooth as it could be right now. Specifically, between the time a user registers with their address and tries to login to, they won't get a UI hint telling them that they need to verify, and the "you can't login" error won't point them at this remedy. I've made some notes to improve this in T7173 (basically: tell them to verify their address if doing so would allow them to log in). In the meantime, instructions for users would be something like:

  • Register on with your address.
  • Check your mail and verify your address! You won't be able to login until you do.
  • After verifying, login at

We can attack T7173 on the sooner-rather-than-later side if this causes friction in practice, the error is just on the general-purpose open-source Phabricator side of the codebase rather than the proprietary SAAS-specific Phacility side so adding hooks is a little bit more involved.

If a user has already signed with another address (say, a personal address), they can use SettingsEmail Addresses to add a address. As soon as they verify it they'll get invited to the instance.

And obviously this is brand new, so let us know if you run into issues or it doesn't solve your problem or whatever else.

Thanks for the quick turnaround! Just went through it with a couple of people and seems to be working great.

epriestley claimed this task.

Awesome! I'll see if we can clean up that login-error-state stuff soonish. Let us know if you run into anything else.