Allow only specific email domains
Use an expression policy when only specific email domains should be allowed to enroll or authenticate.
By default, authentik does not require email addresses to be unique. If you want to enforce uniqueness, use an expression policy during enrollment or profile-edit flows.
Expression policies let you write custom Python for cases where the built-in policy types are not enough.
This page documents the expression-policy execution environment in authentik.
Flow context can be read and updated from an Expression policy through context["flow_plan"].context.
You can use an expression policy to route users to different sources based on the email address they enter.