User getting activated before clicking on the activation link in mail

1. Create new user with username/password using API
2. User gets created in OKTA with status: STAGED.
3. Send Email with Activation/Verify link (Click on the link).
4. User gets activated only after verifying his mail ( and not before ).

Currently after sending POST request to /api/v1/users/${userId}/lifecycle/activate?sendEmail=true the user indeed gets an email but is set to status: ACTIVE before he clicks on the link.

Is there a way set the user status to ACTIVE only after he verify his mail?

Hello,

Can you create the user without a password. Once the user is activated and activate email is sent with a one time password. When clicked the user would then setup their password. So even though activating the user activates them, there is no way to login as that user without the one time password.