enable and configure a sign-up form#5986
Open
susanharper-okta wants to merge 3 commits intomasterfrom
Open
Conversation
susanharper-okta
requested review from
barbaravo-okta,
brentschaus-okta,
emikhasyak-okta,
grahamsmith-okta,
ishan-krishna-okta,
janethu-okta and
paulwallace-okta
as code owners
Acrolinx scoreA minimum Acrolinx Score of 80 is required. The total score is an average of the subscores.
Successfully checked 4 of 4 documents. Reopen the pull request or push new changes to check again. Depending on the Acrolinx server configuration, the |
|
|
||
| * An [Okta Integrator Free Plan org](https://developer.okta.com/signup/) | ||
| * Super admin privileges to modify user profile policies and Universal Directory | ||
| * An existing OIDC app integration in your Okta org |
Contributor
There was a problem hiding this comment.
Suggested change
| * An existing OIDC app integration in your Okta org | |
| * An existing OIDC app integration in your org |
|
|
||
| Self-service registration (SSR) for your apps is turned off in the default user profile policy of your org. This is because many workforce apps are assigned users centrally and therefore don't require a "Create an account" or "Sign-up" button. | ||
|
|
||
| Configure an SSR flow in your Okta org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies. |
Contributor
There was a problem hiding this comment.
Suggested change
| Configure an SSR flow in your Okta org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies. | |
| Configure an SSR flow in your org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies. |
|
|
||
| Configure an SSR flow in your Okta org so that users can independently sign up using a custom enrollment form and a sign-up link. This configuration enables you to automate group assignments and manage security by enforcing email verification and authenticator enrollment policies. | ||
|
|
||
| To enable a sign-up flow for your app and give Okta enough information to power it: |
Contributor
There was a problem hiding this comment.
Suggested change
| To enable a sign-up flow for your app and give Okta enough information to power it: | |
| To enable a sign-up flow for your app and give Okta enough information to power it, complete the following steps: |
| To enable a sign-up flow for your app and give Okta enough information to power it: | ||
|
|
||
| * Create a user profile policy that enables SSR. | ||
| * Create a profile enrollment policy that defines the user information they need to supply and how it's stored. |
Contributor
There was a problem hiding this comment.
Suggested change
| * Create a profile enrollment policy that defines the user information they need to supply and how it's stored. | |
| * Define the information that the user needs to supply. |
- Defining the UD attributes that users need to supply is done through the user profile policy.
- Not sure if the user profile policy can control how user information is stored.
Profile enrollment is a concept but not a policy, AFAIK. https://help.okta.com/oie/en-us/content/topics/identity-engine/policies/about-ssr-and-pe.htm
| * Create a profile enrollment policy that defines the user information they need to supply and how it's stored. | ||
| * Create an authenticator enrollment policy that defines the required authenticators for your app. | ||
|
|
||
| > **Note**: This doc assumes that you have already designed your SSR flow and are ready to configure it. See [Plan self-service registration flows](https://developer.okta.com/docs/concepts/self-service-registration/) to learn how various policies, Universal Directory, and optional scripts combine to influence the SSR flow. For information on how to plan your SSR flow, see [Design your sign-up flows for different types of users](BRENT). |
Contributor
There was a problem hiding this comment.
Suggested change
| > **Note**: This doc assumes that you have already designed your SSR flow and are ready to configure it. See [Plan self-service registration flows](https://developer.okta.com/docs/concepts/self-service-registration/) to learn how various policies, Universal Directory, and optional scripts combine to influence the SSR flow. For information on how to plan your SSR flow, see [Design your sign-up flows for different types of users](BRENT). | |
| > **Note**: This doc assumes that you have already designed your SSR flow and are ready to configure it. See [Plan self-service registration flows](/docs/concepts/self-service-registration/) to learn how various policies, UD, and optional scripts combine to influence the SSR flow. For information on how to plan your SSR flow, see [Design your sign-up flows for different types of users](BRENT). |
|
|
||
| Create a user profile policy before configuring your app to authorize user-led account creation and define data collection requirements. | ||
|
|
||
| 1. Go to **Security** > **User Profile Policies** in the Admin Console. |
Contributor
There was a problem hiding this comment.
Suggested change
| 1. Go to **Security** > **User Profile Policies** in the Admin Console. | |
| 1. In the Admin Console, go to **Security** > **User Profile Policies**. |
| 1. Click the **Apps** tab and click **Add an App to This Policy**. | ||
| 1. Click **Apply** next to your app, and then click **Close**. | ||
|
|
||
| > **Note**: Email verification is required by default. If you would prefer to not verify the user's email as part of the registration process, clear that option. |
Contributor
There was a problem hiding this comment.
This note should be moved to ### Enable SSR I think, since the setting is available in the Enrollment tab.
|
|
||
| To require user information in addition to name and email, add attributes to the profile enrollment form in your user profile policy. Users are prompted for information only if a required value is missing and progressive profiling is enabled (the default value). | ||
|
|
||
| 1. In the **Profile enrollment form** section of your policy, click **Add form input**. |
Contributor
There was a problem hiding this comment.
Add a step here?
- Go back to your user profile policy and click the pencil icon.
| ### Create an authenticator enrollment policy | ||
|
|
||
| Part of self-registration is the user setting up authenticators (for example, email, phone) that they use to validate their identity when they sign in. Create an authenticator enrollment policy to manage how and when your end users enroll authenticators when they sign up. |
Contributor
There was a problem hiding this comment.
Suggested change
| Part of self-registration is the user setting up authenticators (for example, email, phone) that they use to validate their identity when they sign in. Create an authenticator enrollment policy to manage how and when your end users enroll authenticators when they sign up. | |
| Part of self-registration is the user setting up authenticators (for example, email or phone) that they use to validate their identity when they sign in. Create an authenticator enrollment policy to manage how and when your end users enroll authenticators when they sign up. |
| 1. To add authenticators, click **Add authenticator**. See [Multifactor authentication](https://help.okta.com/okta_help.htm?type=oie&id=ext-about-authenticators) for detailed information on the supported authenticators. | ||
| 1. To create your authenticator enrollment policy, click the **Enrollment** tab. Then, use [Create an authenticator enrollment policy](https://help.okta.com/okta_help.htm?type=oie&id=ext-create-mfa-policy) to configure your policy. | ||
|
|
||
| > **Note**: When you set the values for specific authenticators, use **Optional** for some to allow users to choose their preferred factors during the sign-up process. |
Contributor
There was a problem hiding this comment.
Suggested change
| > **Note**: When you set the values for specific authenticators, use **Optional** for some to allow users to choose their preferred factors during the sign-up process. | |
| > **Note**: When you set the values for specific authenticators, use **Optional** for some to allow users to choose which authenticators to enroll during the sign-up process. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description:
Resolves:
Netlify Preview Link:
(https://preview-5986--reverent-murdock-829d24.netlify.app/docs/guides/enable-configure-signupform/main/)