You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The UI implements captcha for new user registrations, but it is browser side only. It is recommended to have the UI captcha generate a token which can then be verified by the Master Controller before allowing the user create to happen. This, along with the rate limiter, will help prevent bots from spamming new user creates.
This is only valid for user create requests from a web browser going through our UI interface. For mcctl and direct API calls, we can just drop support for the current unauthenticated user create, but also add a restricted-user-create which requires admin authentication. The restricted user create will be used for unit, e2e, and regression testing.
The text was updated successfully, but these errors were encountered:
The UI implements captcha for new user registrations, but it is browser side only. It is recommended to have the UI captcha generate a token which can then be verified by the Master Controller before allowing the user create to happen. This, along with the rate limiter, will help prevent bots from spamming new user creates.
This is only valid for user create requests from a web browser going through our UI interface. For mcctl and direct API calls, we can just drop support for the current unauthenticated user create, but also add a restricted-user-create which requires admin authentication. The restricted user create will be used for unit, e2e, and regression testing.
The text was updated successfully, but these errors were encountered: