Many of our customers have developers from various third-party vendors and suppliers who use Coder for their development. If a supplier whose domain is not onboarded attempts to access Coder, they receive the following default message.

`{"message":"Your email \"[zhxxxx@sxxxxt.xxi\](mailto:zhxxxx@sxxxxt.xxi%5C)" is not in domains [\"[<customer-domain>.com](http://<customer-domain>.com/)\" \"[exxxxxxxt.com](http://exxxxxxxt.com/)\" \"mxxxxxa.xxxi\" \"[gxxxxe.com](http://gxxxxe.com/)\"]!"}`

here is the line of code in question:

This creates a situation where third-party contractors are exposed to the various email domains within the corporate system. The ask here is to conceal the domains from this screen.