<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
User Activation Flow with a Self-Embedded Widget
Jan 23, 2026
Okta Identity Engine
SDKs & Libraries
Overview

There is a web application (maybe even a public client) that uses a custom login page with an Embedded Sign-In Widget, and when testing the User Activation Flow, the activation template email is changed to use a custom activation URL, for example:

  • http://app.ourdomain.com/login?activationToken={activationToken}

The expected behaviour is that when the user visits this page, the activationToken is passed for authentication, allowing them to set their password.
Instead, when a new user receives an activation email from the custom-branded domain, they are redirected to the Okta-hosted login page and prompted to enter their username.

Applies To
  • Okta Identity Engine (OIE)
  • Embedded Widget
  • User Creation/Activation
Cause

The Activation Flow is not officially supported for a self-embedded sign-in widget. It is only supported using the following SDKs (for confidential clients only):

Solution

It is best to keep the two flows separated:

  1. Create a page for registration.
  2. Register the user via activationToken.
  3. Once registration is complete, return a 302 response to the embedded widget.
  4. User logs in.

Recommended content

Still looking for help?
Loading
User Activation Flow with a Self-Embedded Widget