Okta widget modification

Questions SAML
1

We have a requirememnt where we need a check box after Username and password in the sign in page which is used for the terms and condiftions agreement. I.E Sign in should be allowed for those users who check the check box, otherwise it should ask users to check it.

@tom I have seen your many responses regarding widget customisation. Can you help me with this.

Is there a way to add this. Any help is appreciated. Thanks in advance.

1 Like
2
  1. You could build a custom login page yourself and host it as well.
  2. Next you could configure your Okta application to use that custom login page (Under General > App Embed link options, say for a saml application).
  3. You can build the custom login page using the Okta signin widget, have your checkbox below the signin page.
  4. After login action, before you issue the redirect in the code, add a validation to see if the user has accepted the terms before issueing the redirect. I’m not sure if Okta signin widget has a callback before it does the actual sign-in
    oktaSignIn.renderEl(
        { el: '#okta-login-container' },
        function (res) {
            if (res.status === 'SUCCESS') {
                // HANDLE TERMS AND CONDITIONS CHECK
                res.session.setCookieAndRedirect('https://org-name.okta.com/home/<app_name>/0oa4x7wkpxxxHDG8N0x7/alm5xyyyyh8eH7M6dO0x6');
            }
        } 
    );

Ref:

  1. https://developer.okta.com/code/javascript/okta_sign-in_widget
  2. https://stackoverflow.com/questions/40170464/okta-signin-widget-with-saml
3

I have the same requirement as @rudupa but I am wondering if there is a way to add it to the sign in okta hosted login page as well.

@akapoor do you know?

Thanks in advance.

4

While I would also like this capability, I think that from a legal/compliance standpoint, you’re going to want to do this server-side (to capture their agreement specifically) rather than rely on a client-side control.

5

well, I won’t let a user sign up without accepting terms and conditions, therefore if a user sign up I don’t need to track anything server side.