Greetings!
We have a scenario where users can use self-service to change their passwords in Okta. However, before changing the password, we need to perform a custom validation with an external service. How can I achieve this? My organization is using the Okta Identity Engine.
The basic idea would be:
- The user changes their password through self-service.
- Okta calls my web service, sending the “event” along with the password.
- In the web service, I call the external validator.
- If the password is valid, the operation succeeds; if it is invalid, it fails.