Secondary email for authentication and recovery
After you upgrade to Identity Engine, learn about the changes to using a secondary email address for authentication and self-service account recovery.
Authentication prompt is only sent to the primary email address. The secondary email address no longer receives the authentication prompt.
Verification codes for account activation and recovery are sent to both primary and secondary email addresses.
|Admin experience||If you allowed both primary and secondary email addresses for authentication in Classic Engine, you must use an alternate authenticator such as biometric. You don’t have to do anything if you allow both email addresses for account activation or recovery.|
|User experience||If the user has the Email authenticator enrolled and if the policy allows it, the primary email address appears as an authenticator. The user receives account activation and recovery verification codes to primary and secondary email addresses.|
Create an authentication enrollment policy