Customer experience

Get a preview of how customers will interact with your applications and understand how self-service capabilities empower them to manage personal information, account security, and privacy.

Concepts

Confirmed email address: the email identifier (valid from registration) or the primary email address enrolled as an MFA authenticator. The primary email address is confirmed during enrollment by a one-time passcode.

Confirmed phone number: the primary phone number enrolled as an MFA authenticator. The primary phone number is confirmed during enrollment by a one-time passcode.

Registration

Customer journey

Self-Service Registration provides the ability for customers to create their accounts to access your application(s).

The Default self-service policy comes with the registration capability enabled. Self-registered accounts are created in the application's Default identity store if the store is not changed.

Account activation

You can make self-registering customers go through account activation before letting them log in for the first time.

When account activation is enabled, customers receive a magic link to the email address they've provided as an identifier where they can confirm their registration.

βœ…

It's all set: a functioning application is always ready to send out account activation emails the moment you enable this self-service option. For further information see Setup and Manage Customer Notifications.

πŸ›‘

Account activation is not available for identity stores that only support the 'Username' identifier.

Account invitation

Account recovery

You can offer customers several recovery options to re-gain access to their accounts before they decide to contact your help desk or customers service.

Username reminder

Customer journey

Let your customers ask for a username reminder at login. Depending on which identifiers are required of them by the identity store, customers will be sent the reminder at

  • the email address they have in their personal information
  • or the email address they use as an identifier

if they successfully provide a matching email address in the username reminder flow.

🚧

Only enable this recovery option if your application's identity store requires a username identifier.

βœ…

Add your branding to username reminders: go to Customizing Email Templates for customization options.

Password reset

You can let your customers reset their password during the login workflow in case they can't remember it.

Customers can request a new password in more than just one way:

If they have a confirmed email address, customers are sent a secure one-time link. The link directs them to a dialog where they can add and confirm their new password.

If customers have a confirmed email address and a confirmed phone number, they are sent a reset link by default, but can re-request password reset via phone:

If customers only have a confirmed phone number, a one-time passcode is provided for password reset:

You can also determine the lifetime of the password reset passcode or Magic Link you provide to your customers.

πŸ“˜

If a customer's password reset link expires, they can request a new one every 20 seconds.

βœ…

Add your branding to password reset emails: go to Customizing Email Templates for customization options.

MFA re-request

The self-service portal provides MFA re-request during login for customers who have extra authentication factors set up in their accounts.

πŸ“˜

Find out more about how customers can set up adaptive MFA in the self-service portals or how your customer service representatives can assist them with managing MFA methods from the Admin Console.

If for any reason, customers didn't receive their one-time passcode (OTP) or Magic Link, they can re-request them via email, SMS, or voice call.

Re-request email OTP

Re-request email Magic Link

Re-request SMS or voice OTP

Re-request SMS Magic Link

Self-service account management

In their self-service accounts, customers can keep in check their personal information, privacy settings, and enhance their account's security.

βœ…

Create a friendly self-service URL for your customers that you can easily share to a customer over a phone call when setting up an application.

Your applications (Application launcher)

You can help customers get more organized with the myriad of applications they have access to. By enabling the application launcher capability in your applications, you can display quick access tiles for customers in their self-service accounts.

πŸ“˜

If group restriction applies, customers will only have quick access to the applications where they are a member of the group(s) assigned to the application.

With quick access, customers can launch applications directly from their accounts. They can even skip a few authentication steps when accessing applications this way.

The application launcher will appear under a new menu named 'Your applications' when the feature is enabled.

Application launcher page in the self-service account

πŸ“˜

To find out more about how to set up quick access, visit this page.

Personal information

The Personal Information page provides a space for the customer to update information for their own account, including but not limited to

  • First Name
  • Middle Name
  • Last Name
  • Email Address
  • Phone Number
  • Address or any attribute which you choose to expose from the application's identity store.

Account settings

The Account Settings page provides customers the ability to see how they log in, as well as any social login accounts that they may have linked to this account.

The customer also has the ability to delete their own account - removing all of their profile data.

Security settings

The Security Settings page provides options for customers to configure Multi-factor Authentication settings, change their password, or view and delete any current sessions that may be accessing their account.

βœ…

If the Passwordless login workflow is being used (via an Adaptive MFA policy) the Change Password screen will not be shown to those customers.

Privacy & data

The Privacy & Data page provides options for customers to view, opt-in, or opt-out to any consent per the consent policy for the application they are using.

Customers can also use this page to download a copy of their account information, supporting data portability requirements for a number of global regulatory standards.

πŸ“˜

Visit self-service policy settings to learn how to fine-tune the customer experience of your application with self-service configuration options.