Dynamic Configuration

THROTTLING_SETTINGS: Per-scope throttling limits for login, password-reset, register, and user-unsubscribe scopes (e.g., {"login":{"count":5,"duration":60}}).

GUEST_USER_REGISTRATION_REQUIRES_EMAIL_VERIFICATION: When enabled, blocks login for guest users (created during checkout) who have the verification_required attribute until they verify their email address. These users are automatically assigned verification_required=true when created via the checkout process.

SMS_OTP_EXPIRE_TIME: Time in seconds before an SMS OTP code expires. Default: 180 seconds. Set to 0 to disable expiration.