diff --git a/internal/database/users.go b/internal/database/users.go
index 8008a5e..58b05ae 100644
--- a/internal/database/users.go
+++ b/internal/database/users.go
@@ -47,11 +47,15 @@ func (db *DB) UsersCreate(o *models.User) error {
 	}
 
 	for _, f := range structs.Fields(o.Params) {
-		if err := tx.Exec(
-			"INSERT INTO user_params (user_id, key, value) "+
-				"VALUES($1, $2, $3::TEXT)", o.ID, f.Tag("json"), f.Value()); err != nil {
-			tx.Rollback()
-			return err
+    // Filter zero values here, because if for example "telegram" module is disabled we will have
+    // conflict error for all users with telegram id 0.
+		if !f.IsZero() {
+			if err := tx.Exec(
+				"INSERT INTO user_params (user_id, key, value) "+
+					"VALUES($1, $2, $3::TEXT)", o.ID, f.Tag("json"), f.Value()); err != nil {
+				tx.Rollback()
+				return err
+			}
 		}
 	}
 
diff --git a/internal/modules/lark/config.go b/internal/modules/lark/config.go
index 43f0cb3..8a571b3 100644
--- a/internal/modules/lark/config.go
+++ b/internal/modules/lark/config.go
@@ -5,15 +5,28 @@ import (
 )
 
 type Config struct {
-	Admin             string `json:"admin"`
-	AppID             string `json:"app_id"`
-	AppSecret         string `json:"app_secret"`
-	VerificationToken string `json:"verification_token"`
-	EncryptKey        string `json:"encrypt_key"`
-	TLSEnabled        bool   `json:"tls_enabled" default:"true"`
-	ProxyURL          string `json:"proxy_url"`
-	ProxyInsecure     bool   `json:"proxy_insecure"`
-	DepartmentID      string `json:"department_id"`
+	Admin             string     `json:"admin"`
+	AppID             string     `json:"app_id"`
+	AppSecret         string     `json:"app_secret"`
+	VerificationToken string     `json:"verification_token"`
+	EncryptKey        string     `json:"encrypt_key"`
+	TLSEnabled        bool       `json:"tls_enabled" default:"true"`
+	ProxyURL          string     `json:"proxy_url"`
+	ProxyInsecure     bool       `json:"proxy_insecure"`
+	Auth              AuthConfig `json:"auth"`
+}
+
+// TODO: think about better auth config
+type AuthMode string
+
+const (
+	AuthModeAnyone          AuthMode = "anyone"
+	AuthModeDepartmentID AuthMode = "department_id"
+)
+
+type AuthConfig struct {
+	Mode         AuthMode `json:"mode"`
+	DepartmentID string   `json:"department_id"`
 }
 
 func (c Config) Validate() error {
diff --git a/internal/modules/lark/lark.go b/internal/modules/lark/lark.go
index 6a60cca..ebc2cf0 100644
--- a/internal/modules/lark/lark.go
+++ b/internal/modules/lark/lark.go
@@ -72,7 +72,7 @@ func New(cfg *Config, db *database.DB, tlsConfig *tls.Config, actions actions.Ac
 		cfg.AppID,
 		cfg.AppSecret,
 		lark.WithLogReqAtDebug(true),
-		lark.WithLogLevel(larkcore.LogLevelInfo),
+		lark.WithLogLevel(larkcore.LogLevelDebug),
 		lark.WithHttpClient(httpClient))
 
 	// Check that AppID and AppSecret are valid
@@ -170,9 +170,32 @@ func (lrk *Lark) Start() error {
 					return nil
 				}
 
-				var user *models.User
+				user, err := lrk.db.UsersGetByParam(models.UserLarkID, *userID)
+
+				switch lrk.cfg.Auth.Mode {
+				case AuthModeAnyone:
+					// Anyone who can see the bot can use it
+
+					if user == nil {
+						// Create user if not exists
+						user = &models.User{
+							Name: fmt.Sprintf("user-%s", *userID),
+							Params: models.UserParams{
+								LarkUserID: *userID,
+							},
+						}
+
+						if err := lrk.db.UsersCreate(user); err != nil {
+							// TODO: logging
+							lrk.mdMessage(*userID, msgID, "internal error")
+							return nil
+						}
+					}
+					break
+
+				case AuthModeDepartmentID:
+					// Anyone from specified department can access the bot
 
-				if lrk.cfg.DepartmentID != "" {
 					// TODO: save last check date in user and don't request departement every time.
 					resp, err := lrk.client.Contact.User.Get(ctx,
 						larkcontact.NewGetUserReqBuilder().
@@ -183,12 +206,13 @@ func (lrk *Lark) Start() error {
 					if err != nil {
 						// TODO: logging
 						fmt.Println(err)
+						lrk.mdMessage(*userID, msgID, "internal error")
 						return nil
 					}
 
 					found := false
 					for _, departmentID := range resp.Data.User.DepartmentIds {
-						if departmentID == lrk.cfg.DepartmentID {
+						if departmentID == lrk.cfg.Auth.DepartmentID {
 							found = true
 							break
 						}
@@ -200,8 +224,7 @@ func (lrk *Lark) Start() error {
 						return nil
 					}
 
-					user, err = lrk.db.UsersGetByParam(models.UserLarkID, *userID)
-					if user == nil && lrk.cfg.DepartmentID != "" {
+					if user == nil {
 						// Create user
 						user = &models.User{
 							Name: *resp.Data.User.Name,
@@ -215,14 +238,6 @@ func (lrk *Lark) Start() error {
 							return nil
 						}
 					}
-
-				} else {
-					user, err = lrk.db.UsersGetByParam(models.UserLarkID, *userID)
-					if err != nil {
-						// TODO: logging
-						fmt.Println(err)
-						return nil
-					}
 				}
 
 				type TextMessage struct {