I’m trying to restrict users in Umbraco so that users with the “collarDatabase” role can only add members to the “Collar_Database” member group. If a user attempts to add a member to any other group, the operation should fail, and no changes should be saved. I’m using MemberSavingNotification to cancel the save if unauthorized groups are detected. The problem is that the handler triggers multiple times for the same request and the member changes are still saved even after calling notification.CancelOperation(). How can I ensure the handler runs only once per request and that the save is completely blocked if unauthorized groups are detected?

I have a Members area (not Users) which is password protected. In a SurfaceController, I am using IMemberSignInManager PasswordSignInAsync to sign a member in if other various tests are passed.

I have created multiple Sites at root level and setup for all sub domain to respective sites.

The cmsMember record contains a field called “emailConfirmedDate” but it doesn’t show on a Member record when viewing in the CMS.