Notification policies

Overview

Strivacity provides many out of the box email and SMS notifications which are used to inform your customers on security events or activity on their accounts.

Customer notifications are delivered in two ways 1) e-mail (relayed through our hosting partner, Amazon's Simple Email Service) and 2) SMS (relayed using our SMS and Voice delivery partner, Telesign).

For more information on the types of customer notifications:

Email Notifications
SMS Notifications

Email Notifications

Email Notifications provide a way of using email to establish trust with the customer (by confirming that they're the owner of an email account) - such as during initial account activation or during a password reset) or for informing the customer of any actions and activities of their account - such as a password being successfully changed or an MFA method being enrolled or changed).

If you do not have a vanity URL configured:

All email notifications are sent using the email address noreply.[brandname].strivacity.com where [brandname] is the name that you have defined for your Strivacity instance.

If you have a vanity URL configured:

All email notifications are sent using the email address noreply.[strivacityname].[yourdomain].[yourTLD] where [strivacityname] is the name that you asked Strivacity to configure for your Strivacity instance.

Strivacity provides the following customer email notifications:

Template	Description
Account Invite	This template is sent to a customer or administrative identity that has been invited to sign-up to an application in case of customer identities, or as an administrator in the Admin Console in case of support team onboarding. The invite message contains an invitation link that invitees can use until the end of the link's lifetime or successful account creation.
Account Updated	This template is used for sending an update via email about any changes made in the customer's account either by administrative or self-service account management.
Activate Customer Login	This template is sent to a customer's primary email account after self-registering. The customer will need to click the 'Activate my Account' link in the email before they can login in. This is a one-time-use link with a default lifetime of 24 hours. See Editing a Self-Service Policy for more information on how to edit the link lifetime.
Welcome	This template is sent to a customer's primary email account after the successful activation of an account. This is an informational email.
Forgotten Username Reminder	This template is sent to a customer's primary email account when they use the self-service 'I forgot my Username' option during the Login process. Note: This is generally only useful if you've decided to use a dedicated username or mobile phone number as the primary customer identifier (vs the email address).
Password Reset	This template is sent to a customer's primary email address when they use the 'Forgot my Password' option during the Login process. This is a one-time-use link with a default lifetime of 60 minutes. This link should be considered a secret until it has been used. See Editing a Self-Service Policy for more information on how to edit the link lifetime.
Password Reset Succeeded	This template is sent to a customer's primary email address after they have successfully changed their password. The email also includes a link for the customer to reset their password if this change was not made by them.
MFA Method Enroll	This template is sent to a customer's primary email address to inform them that they have enrolled in Email based Multi-Factor Authentication. The email will contain a one-time-passcode that the customer will need to use to verify that they own this email account.
MFA Method Change	This template is sent to a customer's primary email address to inform them when an MFA Method (and its factor type) has been changed or removed. For example, if a customer changes their phone number for SMS-based MFA, this will inform them. This is to provide the customer awareness of this change in case they did not make it themselves.
One-time-Passcode	This template is sent to a customer's primary email address when the Email OTP MFA method is used during login. The email contains a single-use One-time Passcode that has a default expiry of 6 minutes.
Magic Link	This template is sent to a customer's primary email address when the email Magic Link MFA method is used during login. The email contains a single-use Magic Link that has a default expiry of 6 minutes.
Customer Account Deletion by Customer	This template is sent to a customer's primary email address upon them requesting to delete their account using the self-service portal. The customer will need to use the one-time-use link in the email to confirm the account deletion.
Customer Account Deletion Confirmation	This template is used for notifying a customer that their account deletion request was successful.

SMS Notifications

SMS Notifications provide a way of using a mobile phone to establish trust with the customer (by confirming that they're the owner of an mobile phone number) - such as during MFA enrollment, or using SMS-based Multi-Factor Authentication methods.

All SMS notifications are sent using our delivery partner, Telesigns global communication network using varying short-code or long-codes depending upon the country that the phone number is registered in.

Strivacity provides the following customer SMS notifications:

Template	Description
MFA Method Enroll	This template is sent to a customer's mobile phone number to inform them that they have enrolled in SMS-based Multi-Factor Authentication. The SMS will contain a one-time-passcode that the customer will need to use to verify that they own this mobile phone number.
One-time Passcode	This template is sent to a customer's phone number when the SMS OTP MFA method is used during login. The text message contains a single-use One-time Passcode that has a default expiry of 6 minutes.
Magic Link	This template is sent to a customer's phone number when the SMS Magic Link MFA method is used during login. The text message contains a single-use Magic Link that has a default expiry of 6 minutes.

Template

Description

MFA Method Enroll

This template is sent to a customer's mobile phone number to inform them that they have enrolled in SMS-based Multi-Factor Authentication. The SMS will contain a one-time-passcode that the customer will need to use to verify that they own this mobile phone number.

One-time Passcode

This template is sent to a customer's phone number when the SMS OTP MFA method is used during login.

The text message contains a single-use One-time Passcode that has a default expiry of 6 minutes.

Magic Link

This template is sent to a customer's phone number when the SMS Magic Link MFA method is used during login.

The text message contains a single-use Magic Link that has a default expiry of 6 minutes.

Customization and Branding

See Customizing SMS Templates or Customizing Email Templates for further information on how to customize e-mail and SMS templates.