Test the Self-Service Registration upgrade
Self-Service Registration (SSR) is an Early Access feature in Classic Engine that lets orgs host their customized self-registration form in a Sign up link in the Sign-In Widget.
When you upgrade to Identity Engine, the SSR feature is replaced with the profile enrollment policy. This functionality lets end users self-register with either the Sign-In Widget (hosted by Okta) or with an embedded solution using an array of SDKs. The profile enrollment policy also lets you incrementally collect profile data as new users engage with other applications.
Before you begin
If you enabled the SSR feature in Classic Engine, there’s no action required for you to upgrade. However, it’s imperative that you test the new registration experience on a Preview environment before you upgrade in Production. This gives you visibility into the customizations and configurations you’ll need to recreate after the upgrade.
There’s a different test plan for each sign-in experience. Start by determining which Sign-In Widget your org uses.
Okta-hosted Sign-In Widget with no custom domain
This is the most common sign-in experience model.
Upgrade your Classic Engine org in a Preview environment, and then test the profile enrollment policy. No additional action is required.
Okta-hosted Sign-In Widget with custom domain
Create an upgrade runbook. Document all styling changes:
Reordering or visual changes that extend beyond the core branding options
Overriding default flow changes
Optional. If you don’t have a Preview environment, use tenant provisioning to create an Identity Engine sandbox (you can also do this through the Developer Sign-Up page). Copy your Okta-hosted Sign-In Widget to the sandbox.
Upgrade your Classic Engine org in a Preview environment.
Test the profile enrollment policy.
Refer to your runbook for customizations and styling.
Embedded Sign-In Widget
If your org embeds the Sign-In Widget into an application with the registration feature enabled, you can't upgrade to Identity Engine with it. Upgrade to version 5.11.0 of the Sign-In Widget and then enable the interaction code as your grant type.
If you don't know where you Sign-In Widget is embedded, you can search with the CORS filter.
In the Admin Console, go to .
In the Trusted Origins tab, select the CORS filter.
Review the Origin URLs column to determine where your Sign-In Widget is hosted (there can be multiple instances).