Skip to content

Comments

enable and configure a sign-up form#5986

Open
susanharper-okta wants to merge 3 commits intomasterfrom
sdh-okta1074069-SSR
Open

enable and configure a sign-up form#5986
susanharper-okta wants to merge 3 commits intomasterfrom
sdh-okta1074069-SSR

Conversation

@susanharper-okta
Copy link
Contributor

@susanharper-okta susanharper-okta commented Feb 23, 2026

Description:

  • What's changed? enable and configure a sign-up form
  • Is this PR related to a Monolith release? No

Resolves:

Netlify Preview Link:

(https://preview-5986--reverent-murdock-829d24.netlify.app/docs/guides/enable-configure-signupform/main/)

@okta-prod-github-app
Copy link

Acrolinx score

A minimum Acrolinx Score of 80 is required. The total score is an average of the subscores.
Select Total score to review the Acrolinx scorecard for your article. Try to increase your individual scores, for example: Correctness. Your content will be clearer and more consistent.

Article Total score
Required:80
Word and phrases
(Brand, terms)
Preferred: 80
Correctness
(Spelling, grammar)
Preferred: 80
Clarity
(Readability)
Preferred: 80
Inclusive language
(+ accesibility)
Preferred: 80
packages/@okta/vuepress-site/docs/guides/enable-configure-signupform/index.md 100 100 100 100
packages/@okta/vuepress-site/docs/guides/enable-configure-signupform/main/index.md 87 48 100 100
packages/@okta/vuepress-site/docs/guides/index.md 87 72 72 78
packages/@okta/vuepress-site/docs/guides/oie-embedded-sdk-use-case-self-reg/main/index.md 94 88 88 100

Successfully checked 4 of 4 documents.
See summary in Content Analysis Dashboard

Reopen the pull request or push new changes to check again.

Depending on the Acrolinx server configuration, the
links expire after some time and you must have a login for the
Acrolinx server to access them again.


* An [Okta Integrator Free Plan org](https://developer.okta.com/signup/)
* Super admin privileges to modify user profile policies and Universal Directory
* An existing OIDC app integration in your Okta org
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* An existing OIDC app integration in your Okta org
* An existing OIDC app integration in your org


Self-service registration (SSR) for your apps is turned off in the default user profile policy of your org. This is because many workforce apps are assigned users centrally and therefore don't require a "Create an account" or "Sign-up" button.

Configure an SSR flow in your Okta org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Configure an SSR flow in your Okta org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies.
Configure an SSR flow in your org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies.


Configure an SSR flow in your Okta org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies.

To enable a sign-up flow for your app and give Okta enough information to power it:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
To enable a sign-up flow for your app and give Okta enough information to power it:
To enable a sign-up flow for your app and give Okta enough information to power it, complete the following steps:

To enable a sign-up flow for your app and give Okta enough information to power it:

* Create a user profile policy that enables SSR.
* Create a profile enrollment policy that defines the user information they need to supply and how it's stored.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* Create a profile enrollment policy that defines the user information they need to supply and how it's stored.
* Define the information that the user needs to supply.
  • Defining the UD attributes that users need to supply is done through the user profile policy.
  • Not sure if the user profile policy can control how user information is stored.

Profile enrollment is a concept but not a policy, AFAIK. https://help.okta.com/oie/en-us/content/topics/identity-engine/policies/about-ssr-and-pe.htm

* Create a profile enrollment policy that defines the user information they need to supply and how it's stored.
* Create an authenticator enrollment policy that defines the required authenticators for your app.

> **Note**: This doc assumes that you have already designed your SSR flow and are ready to configure it. See [Plan self-service registration flows](https://developer.okta.com/docs/concepts/self-service-registration/) to learn how various policies, Universal Directory, and optional scripts combine to influence the SSR flow. For information on how to plan your SSR flow, see [Design your sign-up flows for different types of users](BRENT).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
> **Note**: This doc assumes that you have already designed your SSR flow and are ready to configure it. See [Plan self-service registration flows](https://developer.okta.com/docs/concepts/self-service-registration/) to learn how various policies, Universal Directory, and optional scripts combine to influence the SSR flow. For information on how to plan your SSR flow, see [Design your sign-up flows for different types of users](BRENT).
> **Note**: This doc assumes that you have already designed your SSR flow and are ready to configure it. See [Plan self-service registration flows](/docs/concepts/self-service-registration/) to learn how various policies, UD, and optional scripts combine to influence the SSR flow. For information on how to plan your SSR flow, see [Design your sign-up flows for different types of users](BRENT).


Create a user profile policy before configuring your app to authorize user-led account creation and define data collection requirements.

1. Go to **Security** > **User Profile Policies** in the Admin Console.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
1. Go to **Security** > **User Profile Policies** in the Admin Console.
1. In the Admin Console, go to **Security** > **User Profile Policies**.

1. Click the **Apps** tab and click **Add an App to This Policy**.
1. Click **Apply** next to your app, and then click **Close**.

> **Note**: Email verification is required by default. If you would prefer to not verify the user's email as part of the registration process, clear that option.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This note should be moved to ### Enable SSR I think, since the setting is available in the Enrollment tab.


To require user information in addition to name and email, add attributes to the profile enrollment form in your user profile policy. Users are prompted for information only if a required value is missing and progressive profiling is enabled (the default value).

1. In the **Profile enrollment form** section of your policy, click **Add form input**.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a step here?

  1. Go back to your user profile policy and click the pencil icon.

### Create an authenticator enrollment policy

Part of self-registration is the user setting up authenticators (for example, email, phone) that they use to validate their identity when they sign in. Create an authenticator enrollment policy to manage how and when your end users enroll authenticators when they sign up.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Part of self-registration is the user setting up authenticators (for example, email, phone) that they use to validate their identity when they sign in. Create an authenticator enrollment policy to manage how and when your end users enroll authenticators when they sign up.
Part of self-registration is the user setting up authenticators (for example, email or phone) that they use to validate their identity when they sign in. Create an authenticator enrollment policy to manage how and when your end users enroll authenticators when they sign up.

1. To add authenticators, click **Add authenticator**. See [Multifactor authentication](https://help.okta.com/okta_help.htm?type=oie&id=ext-about-authenticators) for detailed information on the supported authenticators.
1. To create your authenticator enrollment policy, click the **Enrollment** tab. Then, use [Create an authenticator enrollment policy](https://help.okta.com/okta_help.htm?type=oie&id=ext-create-mfa-policy) to configure your policy.

> **Note**: When you set the values for specific authenticators, use **Optional** for some to allow users to choose their preferred factors during the sign-up process.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
> **Note**: When you set the values for specific authenticators, use **Optional** for some to allow users to choose their preferred factors during the sign-up process.
> **Note**: When you set the values for specific authenticators, use **Optional** for some to allow users to choose which authenticators to enroll during the sign-up process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants