People & Access
Manage who can access your event site, organize attendees into groups, and handle access requests.
Quick outcome
The people system controls authentication and authorization for your event. You manage an allowed email list, handle access requests from new users, and organize people into groups that can be used for permission targeting on documents, schedule items, and content.
Setup
Allowed emails
The allowed email list determines who can sign in to your event. Set it through:
- Admin UI:
/admin/people→ add individual emails - Settings:
/admin/settings→ edit theallowedEmailsJSON array
When someone tries to sign in:
- If their email is on the allowed list → OTP sent, they can sign in
- If their email is not on the list → they're directed to request access
Admin emails
Admin emails get full access to the /admin dashboard. The initial admin is set when the event is created in the platform UI. Add more admins:
- In
/admin/settings→ add to theadminEmailsarray - Through the people management UI
Access request flow
For users not on the allowed list:
- User visits
/request-accessand submits their email and name - An
access_requestrecord is created with statuspending - Organizer reviews requests in
/admin/people - Organizer approves → email added to allowed list, status set to
approved - Organizer denies → status set to
denied - Approved users can now sign in via
/auth
Day-to-day management
Managing people
Navigate to /admin/people to see all known people with their status:
| Status | Meaning |
|---|---|
config | Email on the allowed list (added by organizer) |
approved | Access request approved |
pending | Access request waiting for review |
denied | Access request denied |
Adding people
At /admin/people/new-person:
- Enter email address and optional name
- The person is immediately added to the allowed list
- They can sign in right away
Creating groups
Navigate to /admin/people/new-group:
| Field | Description |
|---|---|
| Name | Group name (e.g., "Family A", "VIP", "Activity Leaders") |
| Description | Optional description |
| Color | Hex color for badge display in the UI |
Assigning group membership
From the people management page:
- Add emails to groups
- Remove emails from groups
- View all groups and their members
Using groups for permissions
Groups can be used to restrict access to:
| Feature | How it works |
|---|---|
| Documents | Add group to document_permissions → only group members see the document |
| Schedule items | Add group to schedule_item_permissions → only group members see the item |
| Content sections | Add group to content_section_permissions → only group members see the section |
Example: Create a "Golf Outing" group, add interested attendees, then restrict the golf schedule items and related documents to that group.
Attendee experience
Signing in
Attendees use the email OTP flow at /auth:
- Enter email address
- Receive 6-digit code via email
- Enter code to sign in
- Redirected to their intended destination
Requesting access
If not on the allowed list, attendees can visit /request-access:
- Enter email and name
- Submit request
- Wait for organizer approval
- Once approved, sign in normally
Profile
Signed-in attendees can view their profile at /profile:
- Current email and sign-in status
- Link to their RSVP (if submitted)
- Quick links to event features
Troubleshooting
| Symptom | Fix |
|---|---|
| User can't sign in | Verify their email is on the allowed list or has an approved access request |
| No OTP email received | Check spam folder; verify Mailgun credentials and sender domain |
| OTP code invalid | Request a new code — codes expire after 10 minutes and allow only 3 attempts |
| Access still denied after approval | Ensure the approval added the email to the allowed list |
| Group permissions not working | Verify the email is a member of the group and the permission is correctly assigned |
| Duplicate person records | Clean up duplicates in the people management UI |
| Admin access denied | Verify email is in adminEmails and you're signed in with that email |
Next steps
- Event Settings — manage allowed and admin email lists
- Documents — use groups for document permissions
- Schedule — use groups for schedule item permissions