Hello - I am trying to understand if the flow that I am experiencing is typical / expected.
What I was hoping to accomplish was the ability to create STAGED users via API without setting a password. The idea would be that the user would click the link emailed to them, set their password, and then be redirected to the URL of our choice (the app) signed in. If they had to re-sign in that would also be fine.
Unfortunately, while the first part works, I am finding that because we have blocked access to the end-user dashboard, the user is unable to activate the account and set a password. I believe this is because the target application is the End User Dashboard and we have explicitly denied this access.
Is this the expected behaviour? Is it possible to create a credential-less user, who can set their password later, without granting them access to the end user dashboard?
Thanks.