Redirect to Application After activation

dotnet

#1

HI,

We have a created a custom MVC .NET application that integrates with OKTA (using OpenID connect as the protocol). In our new user registration page currently, we collect the user information and call the OKTA SDK (Okta.Core) dlls to create a user :

var user = new User(model.Login, model.Email, model.FirstName, model.LastName);
user = usersClient.Add(user, true);

This currently sends an activation email. After the user activates the account (sets a password and other profile information), we would like to have the user redirected to our custom application. Is there a way to specify this in the admin console or via code currently?

We see a similar posting being created, but not sure if this has been resolved :
https://devforum.okta.com/u/activate-account/8ca57334804653b7f749750f6646b2c4

Thanks
Kay


#2

Hey Kay,

There are a few ways to handle your question. The first is to look at Tom’s response here: Redirect to Login or Application After Activation

If you were to use Tom’s proposed flow, your app would be in-charge of displaying screens to complete the registration of the user via Okta’s APIs after you received back the activationToken (his flow assumes user is created with a password).

If you don’t want to handle the setting of the password on your screens you can setup your Okta activation emails to redirect after activation. The redirect url must be a Okta relative url:

${activationLink}?fromURI=/home/oidc_client/0oaa0my1wynLvWVDS0h7/aln5z7uhkbM6y7bMy0g7

The drawback to this is that ALL activation emails from your Okta org will be sent to this url. If you have any other types of users in your org setting the password in your application probably makes the most sense for you.


#3

Hi,

Thanks for your response. We were hoping to avoid capturing the password in our custom application for security reasons and hence was redirecting the OKTA activation link. Also the 2nd approach of redirecting the url will not work if all activation emails (for other applications as well) will be sent to this url. Are there any other “work in progress” solutions for this feature and if so do you happen to know the timelines of release etc., since from the other post it looks like there are other clients as well looking for this feature.
Thanks
Kay


#4

Hey Kay,

As Tom mentioned in the link I posted one potential solution we are working toward releasing soon (not sure on exact date) is our Self-Service Registration.

  • Registration-as-a-service - a set of API calls that will allow you to sign up users on front ends, like web apps and mobile apps. This will operate in two modes

    • Email Verification required - the user MUST activate by verifying their email

    • Email Verification deferred - the user is allowed to login without verifying their email

  • Email Verification-as-a-service - a set of API calls that allow you to send emails to your end-users and will store application context so that Okta can take action and get back to your application.

Does this sound like more of the use case you are trying to support?


#5

Yes,
•Email Verification-as-a-service - a set of API calls that allow you to send emails to your end-users and will store application context so that Okta can take action and get back to your application.
Is what we are looking for. Do we have approximate timelines around which this will be released - 6 months vs 9 vs a year?

Thanks
Kay