Hi @Unkis @NAMRATA
The organization registration can be treated as a group. When a user registers an organization, the group will be created in your Okta tenant and he will assigned as a group administrator.
Group administrators are allowed, as mentioned here, to create and manage users that are in the group they are administrating.
By default, the username needs to be in the format of an email. To remove this restriction, you can go in Okta administrative panel to Directory/Users >> Profile Editor >> select “Okta” from sidebar >> Profile >> click on the information icon for Username >> change “Format restrictions” to “None”.
If you do not see the “Format restrictions” section, it means that the self service registration option has been enabled for your account. You will need to have it disabled in order to remove the email format restriction.
To remove the restriction, please send an email to email@example.com and ask for the features
UD_MAP_FIELD_TO_LOGIN to be disabled.
This operation consists of two main operations:
- authenticate the user using the username and password
- if authentication is successful, check the organization id provided by the user against the group he is part of (if they match, the user should be allowed access)