Additional Information Required screen (v2) overview


If you're looking for the Hosted Login v1 version of this screen, see Additional Information Required v1.

The authRule_consents screen appears if:

  1. An authorization rule has been implemented that requires a user to provide values for a specified set of attributes before he or she can log on.

  2. At least one of these attributes is set to null. Any user profile attribute can be marked as a required attribute.

If the authorization.rules.required_attributes authorization rule has been enabled:

  1. A user signs in and is authenticated.

  2. Before the user is issued an access token, the Identity Cloud checks the user profile to see if all the required attributes have a non-null value:

    • If the answer is “yes,” the user is issued an access token and is fully logged on.
    • If the answer is “no,” the authRule_reqAttrs screen is displayed. The user must provide values for the specified attributes and then click Continue before he or she is issued an access token.

Incidentally, authorization rules are processed in the following order:

  1. authorization.rules.required_attributes
  2. authorization.rules.min_age
  3. authorization.rules.legal_acceptances
  4. authorization.rules.consents
  5. authorization.rules.email_is_verified

Authorization rules screen flow

The following graphic shows how the authRule_reqAttrs screen fits into the Authorization Rules flow:

See also