Redirect to Login or Application After Activation

I also need to redirect a user after successful activation. Can someone help with this?

We have some APIs in development that will help with this.

In the meantime, you will need to modify the email template to point to your application, handle the activation token and issue a 302 redirect by hand.

The API call is below:
https://developer.okta.com/docs/api/resources/authn#primary-authentication-with-activation-token

I’m also in need of this functionality. @tom any progress on the API changes for this?

Has this functionality been added? Is there any way to use an additional parameter like redirectURL or fromURI added to ${activationLink} ?

2 Likes

Just want to add my vote of interest on this one, too.

This is getting a lot of heat. Let me talk about how you can do this today. I should have put this information in here before, I left out the information on what you need to do to the email.

There is another email macro you can use, I think y’all are aware of ${activationLink}, there is also ${activationToken}.

With this, you can modify the activation email to point to your own application:

https://myapplication.com/activate?token=${activationToken}

After your application gets the token, you can activate the user by an API call: Primary authentication with activation token

From here, you can get the sessionToken and exchange it for an id_token and/or access_token as normal using the authorization route:

https://developer.okta.com/docs/api/resources/oidc#authorize

Let me know any questions about this, we are still working on pulling our email verification and activation APIs so they can work correctly for OIDC flows. This is the workaround we have for now

I’m assuming then we need to provide the welcome flow so that user can set a password, security question, etc?

Or collect that information upfront when you create the user:
https://developer.okta.com/docs/api/resources/users#create-user-with-password--recovery-question

This is exactly the thing we were trying to avoid building and why we signed up with okta.

3 Likes

Totally understand. So you want to use the Okta welcome wizard to collect the password and security question? Or just the password?

The way we were looking at this and what we are currently working on is providing:

  • Registration-as-a-service - a set of API calls that will allow you to sign up users on front ends, like web apps and mobile apps. This will operate in two modes
    • Email Verification required - the user MUST activate by verifying their email
    • Email Verification deferred - the user is allowed to login without verifying their email
  • Email Verification-as-a-service - a set of API calls that allow you to send emails to your end-users and will store application context so that Okta can take action and get back to your application.

What is currently out of scope for this, is attempting to disconnecting the welcome wizard from the IT product. The current silo is that the welcome wizard is primarily part of the end-user chiclet and the IT admin application.

That being said, we do want to allow the Okta widget to allow for activation flows (collect password after user creation), regardless if it is used on the hosted login page or if you decide to host the widget itself. Does that handle your requirement?

1 Like

Yes these are the exact use cases I am looking for. I want the user to activate their account by verifying their email and setting their password, then the activation flow will redirect back to my application for login/sso to the dashboard.

Since I have heavy use of emails and I’m also paying for that service I want to ensure only valid emails are being used. I feel like that’s pretty standard

1 Like

I would like the okta sign in widget to handle registration. That way I can customize the activation link in the email to hit our app and just notify the widget that it should go into user activation mode.

More api’s are great if you want to build registration and login gui. I don’t want to build any of that.

I need this functionality as well. I want to use OKTA so I don’t have to build all this additional functionality on this end. I’m very surprised this isn’t available at this time.

Hi @jbd4jc,

Help me understand your requirements. Mind answering this questions?

and

@tom ,

I need to import users via csv (which initiates an email to them to activate their account). Once they activate and set a password (in OKTA), I would like to send them back to my application. Ideally at that point they would be logged in and I could perform necessary logic on their account info from there.

Joel

2 Likes

@tom, I don’t want my users to end up at https://xxxxxxxx.oktapreview.com/app/UserHome and don’t want users to see this:

I would be okay with users seeing that page if I could add a link to my application here. I can’t seem to figure out how to do that. I want to add a custom app, not an enterprise level app since this tool I’m building is for B2B purposes.

2 Likes

Well, I figured out how to add an additional app to that screen, but it’s a clunky experience for what I’m trying to do. I am just building a custom application that uses OKTA as an auth provider, then sends profile data on to another application.

@jbd4jc How did you manage to get your app to show up on your users’s Okta home page? I tried adding the app to various groups but still nothing is showing up.

Thanks,
Jared

@jarbot I created a test SPA application but ended up deleting it. I am not sure how I added it now. Sorry for not being much help. I went in and tried adding a new app to retrace my steps but don’t recall where it is. You may want to try going into the classic dev console. I think some of the menu’s were a little more intuitive.

I think it may be under the self service menu under Applications in the classic dev console.

@jbd4jc Thank your for trying and all the extra details. I think you’re right about the “self service” menu. For some reason my app is disabled for self service access “This app is ineligible for self-service”.

The down side to this is my users hit a dead-end Okta page where my App is no where to be found.