We want to do some testing on password self service. Can we enable and test on indivdual accounts, or as soon as we enable the global option, will all users will receive an e-mail and need to answer self service questions?
The Self Serice options are part of the Password Policies and Password Policies can be configured at the Group level so you should be able to create some test policies, assign them to a test group which would then apply to test user. For more informaiton please visit https://help.okta.com/en/prod/Content/Topics/Security/Security_Policies.htm.
I understand the policies would apply at logon, this was an enquiry to understand that if ticking the "users can unlock their active directory passwords in OKTA" was going to send an e-mail to all our users to populate relevant security questions before any policies were applied about whether they actually could. I want to avoid 400+ e-mails being turned out before we have tested.