Overview of Self-Registration Profiles

Use self-registration profiles to create accounts in a verified or unverified state. Customize the self-registration process by specifying the user's email domains allowed when self-registering, and adding header, footer, success, and user consent text.

Introduction

Using self-registration profiles, you can:

  • Create a self-registration consumer flow that allows users to create an account in a verified state. Use the REST API to turn off the activationEmailRequired option. The user can then directly sign in using a username and password to authenticate.

  • Create a self-registration partner flow that allows users to create an account in an unverified state. Use the REST API to turn on the activationEmailRequired option so that a user receives a link in the welcome email to verify the user. After the user clicks this link, the user's state is changed to verified and the user can sign in.
  • Delete profiles using the user interface or the REST API.

  • Specify whether users are prompted and must accept a user consent before self-registering.

  • Assign groups to a profile so that users are assigned to all the groups that are part of that profile.

  • Specify the user's email domains allowed when accessing the self-registration process. Only users with access to these specific email domains are allowed to register.

  • Customize the self-registration login page with your header and footer logos.

  • Customize the header, footer, success, and user consent text.

This section contains the following topics:

Required Policy or Role

To create self-registration profiles, you must have one of the following access grants:
  • Be a member of the Administrators group
  • Be granted the Identity Domain Administrator role
  • Be a member of a group granted manage domains

To understand more about policies and roles, see The Administrators Group, Policy, and Administrator Roles, Understanding Administrator Roles, and IAM Policies Overview.