Collect profile information and register users

Configure user profile policies to collect data from end users when they attempt to access an app and allow users to self-register.

Before you begin

  • You must have a super admin role to modify user profile policies.

  • If you plan to use an inline hook as part of your registration process, add it to your Okta flow. See Inline hooks.

  • Email verification for self-service registration doesn't support grace periods. If you enabled the authenticator enrollment policy grace periods feature, set the email grace period to None.

Create a user profile policy

  1. In the Admin Console, go to SecurityUser Profile Policies.

  2. Find the policy that you want to update and click its Edit icon.

  3. Go to the Enrollment tab.

  4. In the Profile Enrollment section, click Edit.

  5. Indicate whether the policy allows or denies self-service registration.

    • Allowed: Users can self-register their Okta account through the Sign up link on the Sign-In Widget. In progressive enrollment scenarios, Okta allows self-service registration with more profile enrollment attributes. Existing users are prompted for missing attributes the next time they sign in.

    • Denied: Users create their Okta account through another method. In progressive enrollment scenarios, Okta hides the Sign up link but prompts users for missing attributes the next time they sign in. See New sign-in experience.

  6. Enable or disable progressive profiling in the policy.

    • Enabled: Users are prompted for missing attributes when they register or the next time they sign in, depending on the previous selection.

    • Disabled: Users must update their profiles through another method. They're not prompted for profile attributes.

  7. Early Access. Select Password if you want the Sign-In Widget to show the password entry field on the first page during enrollment. Password must be a mandatory authenticator.

  8. Select Email verification if you want the end user to verify their account through an automated email sent to the address they provided. Until they complete this step, they can't access the app integrations that use this policy. Orgs that use password-optional authentication require email verification.

  9. In the Add user to group field, enter the groups you want the user automatically added to.

  10. In the Customize label section, complete the following fields.

    • Form header: The text at the top of the form. For example, Sign in or Log in to your account.

    • Submit button: The text on the confirmation button. For example, Submit or Log in.

  11. Click Save.

Related topics

Add apps to a user profile policy