I have added a rule to our Auth Pipe line to restrict email sign ups & sign ins to one (1) domain. While testing using my personal gmail account I keep getting confirmation emails even though gmail is not in the domain white list. Is there a toggle somewhere I’m missing to turn off any and all emails going to folks outside of our whitelist? Is a rule the correct way to do this? Also noticed that users are also being created in our account, which isn’t as big of an issue as the emails going out.
I am using the Apache mod_auth_openidc module on Apache 2.4.