Managing Sectors
A sector is an isolated tenant namespace in SpartanAuth. Each of your applications — or each of your customers, if you’re building a multi-tenant platform — gets its own sector.
Creating a sector
The ability to create new sectors from the dashboard is coming soon. In the meantime, contact support to have a sector provisioned for your application.
Sector settings
Section titled “Sector settings”Domain and allowed origins
Section titled “Domain and allowed origins”The Domain field sets the primary origin for your application. SpartanAuth uses this for:
- CORS — only requests from allowed origins can call the API
- Email links — password reset and magic link URLs point to this domain
Allowed Origins lets you add additional CORS origins (e.g., https://staging.myapp.com, http://localhost:5173 for local development).
Self sign-up
Section titled “Self sign-up”When Self Sign-Up is enabled, new users can register themselves via the <spartan-login> widget. When disabled, users must be invited by an administrator.
Disable self sign-up for internal tools or B2B applications where you control who has access.
Security settings
Section titled “Security settings”Additional per-sector security options include:
- Required MFA enforcement
- Password complexity requirements
- Session lifetime configuration
Deleting a sector
Section titled “Deleting a sector”Deleting a sector is permanent and removes all profiles, credentials, and settings within it. This action cannot be undone.