docs: Document Sign-up Rules feature

[promptless]

Open this suggestion in Promptless to view citations and reasoning process

Adds new documentation for the Sign-up Rules feature that allows admins to control who can sign up for their application. Documents how to create rules in the dashboard, the available context variables (email, emailDomain, authMethod, oauthProvider), the available actions (allow, reject, restrict, log), rule priority ordering, default action settings, common use cases like blocking disposable emails or restricting to corporate domains, and how to use the built-in rule tester to simulate sign-up requests before deploying rules. Placed under the Concepts section.

Trigger Events

stack-auth/stack-auth commit (dev): 7a35751 Sign up rules (#1138)

Promptless Research (1 GitHub PR)

• Reviewed stack-auth/stack-auth#1138

Agent Response

I've completed the documentation for the Sign-up Rules feature introduced in PR #1138.

Summary

Created a new documentation page for Sign-up Rules that covers:

• Overview: How rules let admins control who can sign up using conditions and actions
• Creating Rules: Step-by-step instructions for the dashboard UI
• Available Conditions: Documented all context variables (email, emailDomain, authMethod, oauthProvider) and supported operations (contains, startsWith, endsWith, matches, ==, !=)
• Actions: Explained all four action types:
  • Allow - Let users sign up normally
  • Reject - Block sign-up with optional internal logging message
  • Restrict - Allow sign-up but mark user for admin review (links to JWT docs for restricted user tokens)
  • Log - Track patterns without affecting sign-up
• Priority & Default Action: How rule ordering works and when to use reject-by-default
• Common Use Cases: Practical examples like blocking disposable emails, corporate-only domains, and different rules per auth method
• Analytics: Brief mention of the dashboard analytics showing rule triggers

The new page has been added to the navigation under the "Apps" section, positioned near other authentication-related documentation.

stack-auth/stack-auth commit (dev): 6fcf1a8 Test sign-up rules widget

Promptless Research (1 webpage)

• Read webpage from github.com

Agent Response

I've completed the documentation update for this commit. Here's a summary:

Summary

I updated the existing Sign-up Rules documentation suggestion to document the new Test Rules widget introduced in commit 6fcf1a8.

Changes Made

Added a new "Testing rules" section to the sign-up rules documentation that covers:

• How to access the tester: Navigate to the Sign-up Rules page and click "Open tester"
• Test inputs: Email address, authentication method (Password, OTP, OAuth, Passkey), and OAuth provider
• Understanding results:
  • Outcome - Whether the sign-up would be allowed or rejected, and why
  • Triggered rules - All rules that matched, with their conditions and actions
  • Evaluation trace - Detailed view of how every rule was evaluated
  • Normalized context - How the input was parsed (useful for debugging conditions)

This addition complements the existing sign-up rules documentation and helps users test their rule configurations before deploying them to production.

---

Tip: Planning a big docs refactor? Use Deep Analysis to get help with the heavy lifting 🔍

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
stack-backend	Ready	Preview, Comment	Feb 24, 2026 4:44pm
stack-dashboard	Ready	Preview, Comment	Feb 24, 2026 4:44pm
stack-demo	Ready	Preview, Comment	Feb 24, 2026 4:44pm
stack-docs	Ready	Preview, Comment	Feb 24, 2026 4:44pm

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ madster456
❌ promptless[bot]
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds comprehensive documentation for the Sign-up Rules feature introduced in PR #1138. The documentation covers all key aspects of the feature including rule creation via the dashboard, available context variables (email, emailDomain, authMethod, oauthProvider), condition operators (contains, startsWith, endsWith, matches, ==, !=), four action types (allow, reject, restrict, log), rule priority ordering, default action configuration, and the built-in rule tester.

Key sections added:

• Creating rules with step-by-step instructions
• Available conditions table documenting all context variables
• Detailed explanations of all four actions
• Priority and default action behavior
• Common use cases with practical examples (blocking disposable emails, corporate-only domains, auth method restrictions)
• Analytics section mentioning 48-hour trigger statistics
• Testing rules section documenting the rule tester widget

The documentation is accurate and matches the actual implementation found in apps/backend/src/lib/cel-evaluator.ts and related files. All context variables, action types, and authentication methods documented align with the codebase. The placement in the Concepts section is appropriate alongside related authentication documentation.

Confidence Score: 5/5

• This PR is safe to merge - it only adds documentation with no code changes
• Perfect score because this is a documentation-only PR that accurately documents an existing feature. Verified documentation accuracy against implementation in cel-evaluator.ts and related test files. No code changes, no security concerns, no logic issues.
• No files require special attention

Important Files Changed

Filename	Overview
docs/content/docs/(guides)/concepts/sign-up-rules.mdx	New comprehensive documentation for Sign-up Rules feature covering all aspects: rule creation, conditions, actions, testing, and common use cases
docs/content/docs/(guides)/meta.json	Added sign-up-rules entry to navigation under Concepts section, properly positioned before emails

[greptile-apps]

_{2 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}

[vercel]

Additional Suggestion:

JWT documentation is missing documentation of is_restricted and restricted_reason claims that are part of JWT tokens

[promptless]

I've added new changes to address this GitHub Commit in commit 78d8975

[promptless]

Citation: Added the user-facing error message based on changes in packages/stack-shared/src/known-errors.tsx. The commit improved the default SignUpRejected error message from "Please contact us for more information" to the clearer "Your sign up was rejected by an administrator's sign-up rule."
View source