User identification policy guide#6235
Conversation
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
- Add activate/update to unsupported direct operations - Lowercase 'user identification policy' in prose and error string - Update Okta FastPass not-enabled error message - Remove deprecated settings.showSignInWithOV override note (no longer allowed) - Add mappings link to list policies response example - Add ACCESS_POLICY response example with userIdentificationPolicy link - Diagram step 7: specify Okta FastPass enabled
This comment was marked as outdated.
This comment was marked as outdated.
Add deactivate lifecycle link and _embedded.resourceType per Arsalan's real org response. UIP example already matched.
This comment was marked as outdated.
This comment was marked as outdated.
…ntry
Two back-to-back object literals broke the eval in build-overview-pages.js
(Unexpected token '{'), failing the site build.
This comment was marked as outdated.
This comment was marked as outdated.
- Add 'Test your policy with policy simulation' section to the user identification policy guide (per Arsalan's feedback that simulation now includes this policy type) - Clarify that rules can be created and updated but not deleted - Add user identification policies to the supported types list in the policy simulation guide Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Corrected per Arsalan's feedback: only the default rule can't be deactivated or removed; non-default rules can be created, updated, and deleted. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
…equence diagram Per Arsalan's feedback, the global gate (OV configured + FastPass enabled) is now shown as an explicit call/response to the Okta Verify authenticator rather than a self-loop footnote. Also updates the image alt text. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
…next steps - Rename "Sign in with Okta Verify" button to "Sign in with Okta FastPass" throughout guide, concepts page, and SVG diagram (button name change) - Remove ASOP acronym from SVG participant box subtitle - Clarify developers manage rules only; add multi-policy pattern guidance - Add System Log query link to guide intro - Add HTML comment flagging showSignInWithOV field name as potentially unstable before GA - Add Next steps section with links to related guides Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Remove speculative TODO comment about the field name possibly changing before GA. Per API team (Arsalan), showSignInWithOV matches an existing Authenticators API naming convention and was intentionally kept as-is. Add a reader-facing note explaining why the field still says "OV" even though the button is now branded as Okta FastPass. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This comment was marked as outdated.
This comment was marked as outdated.
|
@arsalanbadar-okta @andreeajurj-okta @grahamsmith-okta — re: the Arsalan clarified that |
Match the repo-wide bold-link-colon convention instead of an em dash.
Acrolinx scoreA minimum Acrolinx Score of 80 is required. The total score is an average of the subscores.
Successfully checked 5 of 5 documents. Reopen the pull request or push new changes to check again. Depending on the Acrolinx server configuration, the |
Description:
What's changed?
Adds a new guide, Configure a user identification policy, covering how to use the Policies API to manage user identification policies (
USER_IDENTIFICATIONtype). The guide explains that the policy maps one-to-one to an app sign-in policy, is auto-managed alongside it (no direct create/map/clone/delete), and that you manage only its rules. It walks through finding the policy, reviewing the default rule, and creating/updating a rule to show or hide the Sign in with Okta FastPass button viashowSignInWithOV(ALWAYS/NEVER), including platform/network conditions and the FastPass prerequisite.Changes:
docs/guides/user-identification-policies/(index.md+main/index.md)img/user-identification-policies/uip-evaluation-sequence.svg, embedded in the About sectiondocs/guides/index.md)docs/concepts/policies/index.mdReview-round updates:
showSignInWithOVfield name still references "OV": it matches the existing Authenticators API naming convention and wasn't renamed for the FastPass rebrand (per Arsalan)ALWAYSprerequisite (Okta Verify configured + FastPass enabled) and the resulting error messageIs this PR related to a Monolith release?
Yes — 2026.08.0. The feature is behind the
USER_IDENTIFICATION_POLICYfeature flag (EA). API spec: okta-oas3#3413 (OKTA-1177885).Resolves:
Netlify Preview Link:
Netlify preview