Make sure the Admin role is not the default role assigned to newly created users.
maliming, I don't think your suggestion would work if I am using Postman to register via non-web client (mobile app will use our APIs to register, since I will deploy Mvc.Host as web app by itself just for mobile apps).
How do I pass or get that captcha code for our mobile app users? I have setup my web application to require captcha phrase on registeration as well as on login.
If I provide null for this value during registration via Postman, I receive this error message: You must prove that you are not a robot.
Any suggestions?