Group 56.png

New feature: Restrict tickets to specific domains or email addresses

Organisers often ask us if they can specify domains and email addresses that can or can’t register for an event.

The answer up to now has always been no (more about why, later). But from today, it's yes!

We’ve added a new Restrictions section under the Settings menu. Type or paste in a list of domains or individual addresses — Tito can differentiate between them — to block and/or allow, and these rules will apply immediately to both registering and assigning tickets.

Use the Block list to disallow registrations from certain domains or organisations (such as gmail.com or evil.corp). You can also block individual email addresses, for instance those of previously banned attendees.

For events that require a high level of security or exclusivity, the Allow list enables you to specify trusted email addresses or domains that are the only ones permitted to register. For instance, for an internal event you might restrict registrations to your organisation’s domain. Or if you have a guestlist of people you’re planning to invite, you can add their email addresses to the Allow list before sharing the registration link, and only folks on the list will be able to sign up.

You can also combine the Block and Allow list for greater control. In this case, the Allow list will be considered exceptions to the people on your Block list, rather than the only domains or addresses that can register. This is useful if you want to block a particular domain but allow specific addresses from within that domain.

When trying to register or assign a ticket with a restricted email address or domain, users will see a warning that the email address is not authorised, and will not be able to proceed.

Of course, we’re aware there’s nothing to prevent someone from using a different email address to get around the rules you’ve set up. In fact, this is one of the reasons it’s taken us so long to prioritise this feature, despite it being requested so much. In the end though, we decided there was enough merit in deterring casual would-be registrants, and especially in enforcing registration to specific domains. We hope these new Restriction settings will reduce the admin burden associated with keeping an eye out for unwanted registrations or unpermitted email addresses, and having to cancel or edit them respectively.

As a bonus, we’ve also taken this opportunity to publicly release our Unique Emails feature, previously only available on request. This allows you to limit the assigning of tickets to one per unique email address, which is useful when working with our API to pull data into third-party apps that require attendees to have a unique email address.

Shipping these features is part of our ongoing commitment to making Tito more secure and customisable. We always appreciate our customers letting us know what they want to see next, so if you have any feedback, suggestions or questions, drop us a line anytime at support@tito.io.