User lookup using Webfinger API?

Hi all,

I’m exploring a way to know whether a user exists or not from the Okta Sign-In widget.
The use case is: “User enters the email; if it does not exist in Okta, show the registration flow; if it exists, show the login/sign-in flow.”
I’m wondering if the Webfinger API has a capability to let us know if the user is registered already (I know it’s intended for IdP discovery but I tried with a non-existing user and the result was the default IdP).
The reason I’m trying to avoid calling the Users API is because this request would be triggered in the frontend code, so I don’t want to expose any credentials/keys when making the FE request.
If there’s any OOB functionality in the widget for this, it would be awesome.

Any help is truly appreciated.

Anthony Leandro,
Splunk/Cisco

Hi,

I don’t think there’s an out-of-the-box way to do this. You would need to call the Users endpoint to determine whether the users exist in your Okta org.

Due to security considerations, user status can’t be determined directly from the SIW itself, since that would expose the risk of someone brute-forcing and gathering information about which users do or do not exist.

1 Like
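
The server-side lookup suggested in the answer above, as an added example that is not part of the original thread or Okta's own code: a backend route keeps the API token off the frontend and throttles lookups per client to limit enumeration. The org URL, the throttle policy, the names `okta_user_exists` and `LookupGate`, and the sample directory are assumptions.

```python
import time
import urllib.error
import urllib.parse
import urllib.request

OKTA_ORG = "https://example.okta.com"  # placeholder org URL (assumption)
MAX_LOOKUPS, WINDOW_SECONDS = 5, 60    # assumed per-client throttle policy

def okta_user_exists(login, api_token):
    """Backend-only call to GET /api/v1/users/{login}; the token never reaches the browser."""
    url = f"{OKTA_ORG}/api/v1/users/{urllib.parse.quote(login, safe='')}"
    req = urllib.request.Request(url, headers={"Authorization": f"SSWS {api_token}"})
    try:
        with urllib.request.urlopen(req, timeout=5):
            return True
    except urllib.error.HTTPError as err:
        if err.code == 404:  # no such user in the org
            return False
        raise

class LookupGate:
    """Throttles existence checks per client so the route cannot be used for bulk enumeration."""
    def __init__(self, exists_fn, clock=time.monotonic):
        self.exists_fn = exists_fn
        self.clock = clock
        self.hits = {}  # client id -> timestamps of recent lookups

    def route(self, client_id, email):
        now = self.clock()
        recent = [t for t in self.hits.get(client_id, []) if now - t < WINDOW_SECONDS]
        self.hits[client_id] = recent
        if len(recent) >= MAX_LOOKUPS:
            return "throttled"
        recent.append(now)
        return "login" if self.exists_fn(email.strip().lower()) else "register"

# Constructed sample directory standing in for the Okta org, so the demo runs offline.
SAMPLE_USERS = {"alice@example.com"}

def demo():
    gate = LookupGate(lambda login: login in SAMPLE_USERS, clock=lambda: 0.0)
    results = [gate.route("203.0.113.7", "Alice@example.com")]
    results += [gate.route("203.0.113.7", f"guess{i}@example.com") for i in range(6)]
    return results

if __name__ == "__main__":
    print(demo())
```

In a real deployment `exists_fn` would wrap `okta_user_exists` with a token read from server-side configuration, and the frontend would only ever see the `login`, `register` or `throttled` result.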