yrawz (yrawz) asked a question.
My organization uses an Okta-Hosted Custom Log-in page for one of our applications. On this login page, we have the "remember me" checkbox enabled. When this box is checked and a user returns to the login screen, the input for the user's email/username is disabled. The only way to edit the email used to login is to uncheck the Remember Me box, log in with the last provided username (as unchecking the box does not re-enable the input), and log back out. This makes it impossible for users who may borrow a computer to log in, and a headache for developers who may need to log in with test accounts rather than as themselves at times if the feature is used.
We have another application where we use the sign-in widget, and the remember me box does not behave this way. It simply pre-populates the textbox with the last username, but does not prevent it from being changed or edited. We are unable to migrate the app using the Login Page to the widget at this time, but this is the behavior we would like the Remember Me box to have in both instances.
Is there a setting to alter the behavior of the Login page so that it doesn't disable the Email Input but still remembers the last username when "Remember Me" is checked? Or perhaps one that allows the last username to be changed if you uncheck the box? I'd love to solve this the "easy" way if there is one before I write a bunch of custom code to try to workaround this odd behavior.
Thank you!
Hello, thank you for contacting Okta Support.
Based on the behavior you are describing, it sounds like you may have directed your logout URL to https://YOURDOMAIN.okta.com/signin/verify/okta/password, however if this is not the case than this issue warrants further investigation.
Please open a ticket with our support team at: https://support.okta.com/help/s/opencase so we can investigate this issue further.
Thank you,
Andrei Niculae
Technical Support Engineer
Hello!
Thank you for your response. I was able to finally determine our problem and it was not on Okta's side at all. We have IDP discovery turned on and were, in certain cases, pre-populating the username field with the user's email and then triggering a click event on the "next" button so that users logging in from a different IDP than Okta would have the effect of being routed directly to their own login page after clicking certain links rather than "pit-stopping" at our login page. Our manual bypass in these instances was responding the same if an email was pre-filled from the "remember me" function as it was from our pre-filling logic. Our url does not match what you suggest so I'm not sure, but it sounds like you were right on about the general cause of the issue.
Thank you!