We manage external users in Okta: domains like customerdomain1 and customerdomain2, and also personal domains such as Gmail, Yahoo, and Hotmail. Now there's a requirement from management to block all personal domains. So, I'm just looking at how other clients using Okta are handling this. Also, do they allow personal domains in a non-prod Okta environment? I know this is not technical, but I would like to check if anyone has handled a similar kind of requirement before in Okta.
You could add a Registration inline hook to accept/deny registration requests based on user domain.
Sample deny response:
```json
{
  "commands": [
    {
      "type": "com.okta.action.update",
      "value": {
        "registration": "DENY"
      }
    }
  ],
  "error": {
    "errorSummary": "Personal emails cannot be used for registration.",
    "errorCauses": [{
      "errorSummary": "Personal emails cannot be used for registration. Use your company email to register",
      "reason": "INVALID_EMAIL_DOMAIN",
      "locationType": "body",
      "location": "data.userProfile.email",
      "domain": "end-user"
    }]
  }
}
```
References:
1 Like
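The decision logic behind such a hook, as an added example that is not part of the original reply or Okta's own code. It assumes the request body carries the address at `data.userProfile.email` (the `location` in the sample above); the function names and the domain list are hypothetical, and missing or malformed addresses are denied rather than allowed.

```javascript
// Constructed sample list of personal-mail domains; maintain your own.
const PERSONAL_DOMAINS = new Set(['gmail.com', 'yahoo.com', 'hotmail.com']);

// Return the normalized domain of an email address, or null if malformed.
function emailDomain(email) {
  if (typeof email !== 'string') return null;
  const at = email.lastIndexOf('@');
  if (at < 1 || at === email.length - 1) return null;
  // Lowercase and drop a trailing dot so "GMail.COM." matches "gmail.com".
  const domain = email.slice(at + 1).trim().toLowerCase().replace(/\.$/, '');
  return domain.length > 0 ? domain : null;
}

// True when the domain or one of its parent domains is on the list,
// so "mail.yahoo.com" is treated like "yahoo.com". Matching is per label,
// not by substring, so "notgmail.com" is not caught by "gmail.com".
function isPersonalDomain(domain) {
  const labels = domain.split('.');
  for (let i = 0; i < labels.length - 1; i++) {
    if (PERSONAL_DOMAINS.has(labels.slice(i).join('.'))) return true;
  }
  return false;
}

// Build the DENY body in the same shape as the sample response above.
function denyResponse(summary) {
  return {
    commands: [{ type: 'com.okta.action.update', value: { registration: 'DENY' } }],
    error: {
      errorSummary: summary,
      errorCauses: [{
        errorSummary: summary,
        reason: 'INVALID_EMAIL_DOMAIN',
        locationType: 'body',
        location: 'data.userProfile.email',
        domain: 'end-user',
      }],
    },
  };
}

// Map a parsed hook request body to the response body to send back.
function handleRegistrationHook(body) {
  const profile = body && body.data && body.data.userProfile;
  const domain = emailDomain(profile && profile.email);
  if (domain === null) return denyResponse('A valid email address is required for registration.');
  if (isPersonalDomain(domain)) return denyResponse('Personal emails cannot be used for registration.');
  return { commands: [{ type: 'com.okta.action.update', value: { registration: 'ALLOW' } }] };
}
```

Call `handleRegistrationHook` from whatever HTTPS endpoint you register as the inline hook, and verify the hook's configured authentication header before acting on the request.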