Collect profile information and register users

Configure profile enrollment policies to collect data from end users when they attempt to access an app and allow users to self-register.

Before you begin

  • You must have a super admin role to modify profile enrollment policies.

  • If you plan to use an inline hook as part of your registration process, add it to your Okta flow. See Inline hooks.

Procedure

  1. In the Admin Console, go to SecurityProfile Enrollment.
  2. Find the policy that you want to update and click its Edit icon.

  3. In the Profile Enrollment section, click Edit.

  4. Indicate whether the policy allows or denies self-service registration.

    • Allowed: Users can self-register their Okta account through the Sign up link on the Sign-In Widget. In progressive enrollment scenarios, Okta allows self-service registration with more profile enrollment attributes. Existing users are prompted for missing attributes the next time they sign in.

    • Denied: Users create their Okta account through another method. In progressive enrollment scenarios, Okta hides the Sign up link but prompts users for missing attributes the next time they sign in. See New sign-in experience.

  5. Enable or disable progressive profiling in the policy.

    • Enabled: Users are prompted for missing attributes when they register or the next time they sign in, depending on the previous selection.

    • Disabled: Users must update their profiles through another method. They're not prompted for profile attributes.

  6. Early Access. Select Password if you want the Sign-In Widget to show the password entry field on the first page during enrollment. Password must be a mandatory authenticator.

  7. Select Email verification if you want the end user to verify their account through an automated email sent to the address they provided. Until they complete this step, they can't access the app integrations that use this policy. Orgs that use password-optional authentication require email verification.

  8. In the Add user to group field, enter the groups you want the user automatically added to.

  9. To use an inline hook as part of your registration process, select it from the Use the following inline hook dropdown.

If you enabled the Self-Service Registration with Password feature, Okta validates the user's profile and password before the inline hook is triggered.

  1. If you selected an inline hook, indicate when it should run:

    • When a new user is created: This trigger occurs during a self-service registration request.

    • When attributes are collected for an existing user: This trigger occurs during a progressive enrollment sign-in request.

    • Both: This trigger occurs during a self-service registration request and also during a progressive enrollment sign-in request.

  2. In the Customize label section, complete the following fields.

    • Form header: The text at the top of the form. For example, Sign in or Log in to your account.

    • Submit button: The text on the confirmation button. For example, Submit or Log in.

  3. Click Save.

Related topics

Select a profile enrollment policy