I’m trying to use the Signin Widget (all client side) for a login and signup UI, and have two questions.
Using the signup flow, after selecting a email and password it takes you to the optional MFA setup, which we aren’t using for this particular application. How can we bypass this step so that the flow is completed after successful email/password created, and completing the showSignIn promise? With the optional MFA set up form step, the promise does not complete until clicking the continue button.
If the user starts out on say the login form but clicks the “Don’t have an account? Sign up” to take them to the signup form, how can you determine which flow/form was completed on the showSignIn promise? Either way, the promise returns the token object with a status: "SUCCESS".
Adding to question 1, we’ve checked the Org’s Authentication Policies relating to this particular Application and the only Rule is the following:
IF Any request THEN Access: Allowed with password
Your org's authenticators that satisfy this requirement:
Password
Authentication methods:
Allow any method that can be used to meet the requirement
Re-authentication frequency is: Every 30 days
And under the Password Authenticator the only rule is:
IF User's IP is Anywhere
THEN Users can perform self-service
[x] Password change (from account settings)
[x] Password reset
[ ] Unlock account
Recovery Authenticators
AND Users can initiate recovery with
[ ] Phone (SMS / Voice Call)
[x] Email
[ ] Google Authenticator
AND Additional verification is
[x] Not required
Regardless it always shows the MFA enroll form with “Email”, “Google Authenticator” and “Okta”, requiring the “Continue” button to be clicked before completing signup flow.
It sounds as if features.multiOptionalFactorEnroll: false would have done this but that has been deprecated. What’s the equivalent method in the upgraded/current Widget?
Note: we are currently testing against the CDN hosted 7.25.1 (have tried oie and standard).