Limit auth to certain domain only

On the backend you can add security rules to the database

Restrict Firebase authentication to a certain domain

{
  "rules": {
    ".read": "auth.token.email.matches(/.*@example.com$/)",
    ".write": "auth.token.email.matches(/.*@example.com$/)"
   }
}

How do I create firestore rules based on users email domain?

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
    match /podcasts/{podcast=**} {
      function isValidEmail(){
       return (request.auth.token.email.matches('.*@example[.]com$') && 
        request.auth.token.email_verified)
      }
      allow read, write: if isValidEmail();
    }
  }
}