Registration policies control who can register on your captive portal and under what conditions. These policies apply during the registration process only, not during authentication.
Supported criteria
Registration policies are applied based on a set of matching conditions. All criteria use AND logic — meaning all selected conditions must match for the policy to apply.
| Criteria | Description |
| Location | Match based on the location/site defined in Cloudi-Fi |
| Location name | Specific name of the physical or logical location |
| Country | Apply country-specific rules |
| Continent | Regional segmentation |
| User profile | Segment users by identity group |
| Template | Match specific captive portal template name |
| Location tags | Custom tags assigned to locations for flexible grouping and targeting |
| Registration type | Type of registration (e.g., self-registration, sponsored, social) |
| Administrator | The specific admin account managing the registration (applies to lobby flows) |
| Administrator profile | Profile assigned to the administrator (e.g., lobby admin, read-only...) |
Configuration options
Domain controls
Control which email domains can be used during registration, per profile type:
Blocked email addresses for employees
Prevent employees from registering with unauthorized or external email addresses.
Examples:
john.doe@ext-company.com,*@external.company.com
Allowed email domains for employees
Only allow employee registrations from specific trusted domains.
Examples:
company.com,corp.company.com
Blocked email addresses for employees
Prevent employees from registering with unauthorized or external email addresses.
Examples:
john.doe@ext-company.com,*@external.company.com
Allowed email domains for employees
Only allow employee registrations from specific trusted domains.
Examples:
company.com,corp.company.com
Blocked email addresses for guests
Block guest registrations with disposable or untrusted email providers.
Examples:
alice@mailinator.com,*@tempmail.net
Allowed email domains for guests
Only allow guests from pre-approved or partner domains.
Examples:
partner.com,university.edu
Blocked email addresses for sponsors
Prevent specific users from sponsoring guest accounts.
Examples:
alice@externalvendor.com,*@freemail.org
Allowed email domains for sponsors
Only allow sponsorship from trusted corporate domains.
Examples:
company.com,trustedpartner.com
Profile assignment
Define how guest profiles are assigned and by whom:
- Default guest profile – Auto-assigned if the guest makes no selection
- Guest-selectable profiles – Options visible to guests during self-registration
- Lobby-electable profiles – Profiles assignable by lobby administrators
- Sponsor-selectable profiles – Profiles sponsors can apply when approving guests
Guest account management
Guest account duration – Sets how long a guest account remains valid
Configuration steps
Manage the lifespan and renewal of guest accounts:
- Go to the Cloudi-Fi admin console
- In the left sidebar, click on Policies
- Select Registration
- Click the "Add policy" button
- Fill in the following fields:
- Name: A descriptive label for the policy (e.g., "Guest - Limited access")
- Description (optional): Add notes about the scope or target audience
- Define matching criteria:
- Location
- Location name
- Country
- Continent
- User profile
- Template
- Location tags
- Registration type
- Administrator
- Administrator profile
- Configure parameters
- Blocked email addresses for employees
- Allowed email domains for employees
- Blocked email addresses for employees
- Allowed email domains for employees
- Blocked email addresses for guests
- Allowed email domains for guests
- Blocked email addresses for sponsors
- Allowed email domains for sponsors
- Default guest profile
- Guest selectable profiles
- Lobby selectable profiles
- Sponsor selectable profiles
- Guest account duration
- Save the policy
Save and prioritize the policy