The authRule_reqAttrs screen (Hosted Login v1)

Looking for the Hosted Login v2 version of this screen? Then click here.

The authRule_consents screen appears if:

  1. An authorization rule has been implemented that requires a user to provide values for a specified set of attributes before he or she can log on.
  2. At least one of these attributes is set to null. Any user profile attribute can be marked as a required attribute.

If the authorization.rules.required_attributes authorization rule has been enabled:

  1. A user signs in and is authenticated.
  2. Before the user is issued an access token, the Identity Cloud checks the user profile to see if all the required attributes have a non-null value:
    • If the answer is “yes,” the user is issued an access token and is fully logged on.
    • If the answer is “no,” the authRule_reqAttrs screen is displayed. The user must provide values for the specified attributes and then click Continue before he or she is issued an access token.

Incidentally, authorization rules are processed in the following order:

  1. authorization.rules.required_attributes
  2. authorization.rules.min_age 
  3. authorization.rules.legal_acceptances
  4. authorization.rules.consents 
  5. authorization.rules.email_is_verified

Authorization Rules Screen Flow

The following graphic shows how the authRule_reqAttrs screen fits into the Authorization Rules flow.

Please Supply the Following Information Authorization Rule Screen: Technical Documentation