Skip to content

conceal email domains from default login screen message #17130

New issue
New issue
Closed
Bug
#17132
Closed
conceal email domains from default login screen message#17130
Bug
#17132
Assignees
ericpaulsen
Labels
customer-reportedBugs reported by enterprise customers. Only humans may set this.s3Bugs that confuse, annoy, or are purely cosmetic
@ericpaulsen

Description

@ericpaulsen
ericpaulsen
opened on Mar 27, 2025

Many of our customers have developers from various third-party vendors and suppliers who use Coder for their development. If a supplier whose domain is not onboarded attempts to access Coder, they receive the following default message.

`{"message":"Your email \"[[email protected]\](mailto:[email protected]%5C)" is not in domains [\"[<customer-domain>.com](http://<customer-domain>.com/)\" \"[exxxxxxxt.com](http://exxxxxxxt.com/)\" \"mxxxxxa.xxxi\" \"[gxxxxe.com](http://gxxxxe.com/)\"]!"}`

here is the line of code in question:

coder/coderd/userauth.go

Line 1360 in 674f60f

Message: fmt.Sprintf("Your email %q is not in domains %q!", email, api.OIDCConfig.EmailDomain),

This creates a situation where third-party contractors are exposed to the various email domains within the corporate system. The ask here is to conceal the domains from this screen.

Metadata

Metadata

Assignees

Labels

customer-reportedBugs reported by enterprise customers. Only humans may set this.s3Bugs that confuse, annoy, or are purely cosmetic

Type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions