Skip to main content
Core uses a single users table for every person who can authenticate — whether that is an internal employee managing the backoffice or someone accessing a portal (customer, partner, client). The distinction between these two groups is made entirely through roles. Users authenticate via magic link / code — no passwords. They enter their email address and receive a short-lived signed link or code.

System Users

System users appear in the backoffice /users management interface. Core’s User model provides a systemUsers() scope used throughout the platform — by the user table, the activity log filter, and anywhere else that needs to list internal users.

Excluding Roles

Implement excludeFromSystemUsers() on your Role enum to declare which roles should be hidden from that view.
app/Enums/Role.php
enum Role: string
{
    case ADMIN  = 'admin';
    case STAFF  = 'staff';
    case CLIENT = 'client';

    public static function excludeFromSystemUsers(): array
    {
        return [self::CLIENT];
    }
}
User::systemUsers() will then return only ADMIN and STAFF users everywhere the scope is applied.
To build a portal-specific user list, use User::query() and filter by role directly. The systemUsers() scope is only for the backoffice administration context.

Auto-Registration by Domain

For scenarios where anyone from a given domain should automatically get access — for example, all @company.com employees accessing an internal operations platform, or all @acme.com contacts accessing a client portal — Core supports auto-registration by email domain. A user from an approved domain who does not yet have an account receives a signed registration link when they attempt to log in. No admin invite required.

Configuration

Map each domain to the role that new users from that domain should receive:
config/auth.php
'auto_registration_domains' => [
    'company.com' => App\Enums\Role::STAFF->value,   // internal team
    'acme.com'    => App\Enums\Role::CLIENT->value,  // client portal
],
To configure domains per environment, use an environment variable:
config/auth.php
'auto_registration_domains' => [
    ...collect(explode(',', env('AUTO_REG_DOMAINS', '')))
        ->filter()
        ->mapWithKeys(fn ($domain) => [$domain => App\Enums\Role::CLIENT->value])
        ->toArray(),
],

How It Works

1

User enters their email

If no account exists but the domain is approved, the registration flow starts automatically.
2

Signed link is sent

Core emails a time-limited signed link to the address.
3

User completes registration

The user opens the link and fills in their first and last name.
4

Account created and session started

Core creates the account with the configured role and logs the user in.

AutoRegistration Service

You can interact with the registration flow programmatically: 
use Inly\Core\Services\AutoRegistration\AutoRegistration;

$autoReg = app(AutoRegistration::class);

$autoReg->isEligible('user@acme.com');   // is the domain approved?
$autoReg->getState('user@acme.com');     // current registration state
$autoReg->invite('user@acme.com');       // send the signed link
$autoReg->userExists('user@acme.com');   // does an account already exist?