Who can sign up to be a user?
Under Access Control you find all settings regarding who can register to use your schedule(s) and what the registration process will look like. This includes which steps a new user should complete when signing up and which information they should provide in the process.
The Access Control page settings allow you to define all aspects of the registration process:
- Control access to your schedule by defining who can register
- Collect user data upon registration
- Configure whether confirmation and verification is required
- Enable other settings in regards to the access of your schedule
Who can register?
There are six options to control access to your schedule(s), ranging from open to very restrictive. Each option offers a different level of security and flexibility, allowing you to choose the one that best suits your needs. Here is a breakdown of these options:

- Anyone can sign up: the easiest and most user-friendly way to manage access to your schedule is to allow anyone who can find it to register as a user. This option is ideal if you use your schedule for commercial purposes.
- Shared password: only users who know the shared password can log in. Although this option helps prevent random visitors to your schedule from gaining access, there is no way to block access for a particular user once they know the shared password.
- Specific IP address: IP filtering is only suitable if all potential users access the internet through a single gateway, i.e. all employees of a company. Once a user has created a login name while inside the IP range, he can also use it while outside the IP range. Under User Management it is possible to manually add users outside the IP range.
- Specific email domain: this is suitable for organizations, who have their own email domain. Upon creating a login name, new users receive an email with a verification link that they need to click. Under User Management, users with different email addresses can be added manually.
- Specific users: instead of having users create their own login names and passwords, this option lets the administrator (or superuser) do this. This can be done either manually via User Management or from a CSV file via Import.
- Registration managed on your site: if you already let your users register and login on your own website, it would be possible to set up a so-called single sign-on and automatically log them in at SuperSaaS as well. This avoids the need for your users to log in twice. If your website is based on Drupal, Joomla!, Wix or WordPress, our free plugins help you set this up. Otherwise, an interface to your back-end systems would need to be custom-built using the documentation for programmers.
Collecting user details upon registration
Upon registration, you can collect additional information from users. Besides the typical login name and password, you can ask for further information such as users’ contact details. Two additional text fields are available to collect any remaining information you might need.

When setting up your sign-up form, you can categorize each information field as Required, Optional, or Don’t Ask. By assigning a category to each field, you control which information is collected during user registration. Here’s what each category means:
- Required: users must complete this field to proceed with the registration process. Leaving it empty will prevent them from continuing.
- Optional: users can choose whether or not to fill in this field. It can be left blank without affecting the registration process.
- Don’t ask: this field will not appear on the sign-up form at all.
Note that even the Password field can be switched off. Doing so will remove the password field from the login dialog for your schedule.
Users can change this information later on by clicking on the Your settings link in the upper-right corner of the screen. This link will only show when users are logged in. You can also block users from updating their own information (see Other settings below).
Use custom fields or forms to collect additional information
In addition to the standard contact detail fields, you can use two additional text fields to collect custom information. By enabling one or both of these fields, they will also become available for use in the booking dialog that can be configured via Configure > Process.
If you need to add more than two custom text fields or prefer to use options like checkboxes or dropdown menus, you can create a custom form instead. After you have created such an integrated form (see Adding booking forms), you can add it to the registration process. Connect a form to your registration process from the dropdown menu under Attach a form to each user to capture additional information?.
You can also add a “supervisor field”, a field that only you, or a superuser, can edit. If the information in the supervisor field is not confidential, you can make it visible to the user by setting it to User Process section.
. For more information of the Supervisor field and its uses, visit theRegistration confirmation and verification
By default, no confirmation of registration is provided to new users. Upon completion of the registration process, they are immediately logged in and can start using your schedule(s). To ensure users receive a confirmation of their registration, select Layout Settings (see also Layout). If you want to be notified of new registrations in addition to confirming them for users, select .
. The SuperSaaS system will then send new users a confirmation email. The content of this email can be customized under
To discourage unwanted visitors from signing up, you can require them to verify their email address by selecting
. This weeds out people using fake or invalid email addresses, as they won’t receive the notification email and thus cannot activate their user account.To understand what the registration process looks like to new users, you can check the flowchart on the page. It instantly reflects any changes you make to the settings.

For example, if you select the option Configure > Process.
, the flowchart will update to show a step that says that the IP address will be checked. Note that this is only the registration process; there is another flowchart that shows the booking process underOther settings
At the bottom of the Access Control page, three more sets of registration/authorization related settings can be found. The first setting can be used to provide new users with a starting credit upon registration (note that this option is only available when the credit system has been enabled). For more information, see the documentation for the credit system.

The second set of settings lets you implement additional security measures, such as preventing browsers from storing login names and passwords. Here you also block users from updating the information they provided upon registration (see above). You also find an option here that will prevent users from accessing your schedule on an HTTP connection. In that case, users will be automatically redirected to the HTTPS version of the page. You can read more about the importance of securing your connection in this blog on HTTPS security.
If you have multiple schedules in your account then you will see a set of settings that allows you to show a list of available schedules to your users. There is also a setting that allows you to specify that users need to log in before they can see that list. This option is useful in combination with User Groups (see that page for a full explanation). The final set of settings determines whether superusers can create additional users and act on their behalf (see also Daily Use for tips on how to put these settings to good use).