Allowlist Identifiers

Learn how to restrict access to your application only to certain emails or phones


The allowlist feature allows you to control who can get access to your application. It basically restricts sign ups and sign ins only to a certain set of email addresses, email domains, phone numbers or web3 wallets that you define.
Apart from individual email addresses, you can also whitelist whole email domains.
Whenever you add a single email address or phone number to your allowlist identifiers, you can also choose whether you want to notify this person by an invitation to their email address or phone number respectively.
In order to add a set of email addresses to your allowlist identifiers, simply pass an asterisk as the email inbox. The asterisk will act as a wildcard and add all inboxes for a certain email domain.
Here's an example. If you add *@clerk.dev as your allowlist identifier, it means that anybody with a clerk.dev email address can sign up for your application. Email addresses from different domains will not be able to sign up.
In order to use the allowlist feature, it needs to be enabled for your instance. To enable it, use our Backend API to update your instance settings. Each instance of the app (development, staging, production) needs to be updated separately.

Available requests

  • GET /v1/allowlist_identifiers
  • POST/v1/allowlist_identifiers
  • DEL /v1/allowlist_identifiers/:id

Example allowlist identifier schema

"object": "allowlist_identifier",
"id": "alid_1sOWqxBnLKkD7Alxv5EymdOKjue",
"identifier": "+1655559004",
"identifier_type": "phone_number",
"created_at": 1620370000,
"updated_at": 1620370000
List all allowlist identifiers
Create an allowlist identifier
Delete an allowlist identifier