Test the Self-Service Registration upgrade

Self-Service Registration (SSR) is an Early Access feature in Classic Engine that lets orgs host their customized self-registration form in a Sign up link in the Sign-In Widget.

When you upgrade to Identity Engine, the SSR feature is replaced with the profile enrollment policy. This functionality lets end users self-register with either the Sign-In Widget (hosted by Okta) or with an embedded solution using an array of SDKs. The profile enrollment policy also lets you incrementally collect profile data as new users engage with other applications.

Before you begin

If you enabled the SSR feature in Classic Engine, there’s no action required for you to upgrade. However, it’s imperative that you test the new registration experience on a Preview environment before you upgrade in Production. This gives you visibility into the customizations and configurations you’ll need to recreate after the upgrade.

There’s a different test plan for each sign-in experience. Start by determining which Sign-In Widget your org uses.

Okta-hosted Sign-In Widget with no custom domain

This is the most common sign-in experience model.

Upgrade your Classic Engine org in a Preview environment, and then test the profile enrollment policy. No additional action is required.

Okta-hosted Sign-In Widget with custom domain

If you use the Okta-hosted Sign-In Widget with a custom domain, your sign-in page may be customized with cascading styles and JavaScript. Review JavaScript for deprecated capabilities or functionality that may be impacted. See Upgrade your Sign-In Widget.

If you don’t have custom JavaScript, upgrade your Classic Engine org in your Preview environment, and then test the profile enrollment policy. No additional action is required.

If you do have custom JavaScript, complete the following steps.

  1. Create an upgrade runbook. Document all styling changes:

    • Reordering or visual changes that extend beyond the core branding options

    • JavaScript wrap/extensions to the Sign-In Widget (App context, view detection)

    • Overriding default flow changes

  2. Optional. If you don’t have a Preview environment, use tenant provisioning to create an Identity Engine sandbox (you can also do this through the Developer Sign-Up page). Copy your Okta-hosted Sign-In Widget to the sandbox.

  3. Upgrade your Classic Engine org in a Preview environment.

  4. Test the profile enrollment policy.

  5. Refer to your runbook for customizations and styling.

Embedded Sign-In Widget

If your org embeds the Sign-In Widget into an application with the registration feature enabled, you can't upgrade to Identity Engine with it. Upgrade to version 5.11.0 of the Sign-In Widget and then enable the interaction code as your grant type.

If you don't know where you Sign-In Widget is embedded, you can search with the CORS filter.

  1. In the Admin Console, go to SecurityAPI.

  2. In the Trusted Origins tab, select the CORS filter.

  3. Review the Origin URLs column to determine where your Sign-In Widget is hosted (there can be multiple instances).


Related topics

Sign-In Widget

Self-Service Registration