<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Username and Password Fields Not Displayed on the Okta Sign-In Widget
May 27, 2026
Administration
Okta Identity Engine
Overview

This article explains why the sign-in widget displays a two-page login process instead of a single-page one. In this scenario, the first page requests only the username, while the second page requests the password.

 

One-page LoginTwo-page Login
One-page LoginTwo-page Login

 

Applies To
  • Okta Identity Engine (OIE)
  • Global Session Policy (GSP)
  • Okta Sign-In Widget
  • Identity Provider (IdP) Routing Rules
Cause

If a Global Session Policy (GSP) is configured to Any factor used to meet the Authentication Policy requirements, the sign-in widget changes to accommodate passwordless authentication. This change applies to all end users in the tenant. The widget must evaluate passwordless users before password-enabled users, which triggers the two-page login flow.

 

Additionally, if an Identity Provider (IdP) Routing Rule is active, the sign-in widget will default to the two-page login flow. The widget must first collect the username to evaluate the routing rules and determine whether the user should be authenticated locally or redirected to an external Identity Provider.

Solution

To display the username and password fields on a single page within the sign-in widget, ensure all rules in the GSP are configured to establish the user session with a password.

  1. Navigate to the Global Session Policy.
  2. Set Establish the user session with to A password.

Establish the user session with: A password 

 

If the two-page login persists, verify the Multi-Factor Authentication (MFA) settings:

  1. Go to Security > General.
  2. Locate the Protect against password-based attacks section.
  3. Ensure the Require possession factor before password during MFA option is not enabled.

Require possession factor before password during MFA 

NOTE:

    • If Require possession factor before password during MFA setting is enabled, the sign-in widget defaults to multiple pages because the user must be verified with a possession factor before the system prompts for a password.
    • If IdP Routing Rules are configured and required for the organization, the two-page login is the expected behavior and cannot be bypassed. To revert to a single-page login, the active routing rules should be evaluated to determine if they are strictly necessary. If they are not, disabling the routing rules (under Security > Identity Providers > Routing Rules) will allow the widget to display the username and password on the same page.

Recommended content

Still looking for help?
Loading
Username and Password Fields Not Displayed on the Okta Sign-In Widget