User registration
Users can register themselves in an Identity Pool, or organization administrators can initiate the registration process.
Registration options
SecureAuth provides customizable and scalable registration flows through high- and low-level APIs. You can create users in four ways.
Users self-register using the SecureAuth platform built-in registration page
Organization or Identity Pool admins invite users to register
Organizations integrate SecureAuth with their own custom registration pages
During social log in, the platform provisions users and their attributes from the external Identity Provider
User self-registration
The SecureAuth platform offers customizable registration pages to guide users through the registration process.
Access the registration page
Modify and paste the following URL into your browser:
https://<tenant_id>.authz.cloudentity.io/tenant_id/identity/<identity_pool_id>/register
 |
Example self-registration flow
Customize registration pages and messages
You can fully brand the registration pages by modifying colors, logos, fonts, or templates. You can also customize the messages users receive during registration.
Tip
To test branding for a specific workspace, add the server_id query parameter with the workspace ID.
https://<tenant_id>.authz.cloudentity.io/tenant_id/identity/<identity_pool_id>/register?server_id=<workspace_id>
Admin-initiated user registration
Admins can create users with an initial password or send an invitation email. This approach is useful for preparing user accounts with specific permissions before granting access.
SecureAuth simplifies the user registration with its advanced Administration Portal and business-focused B2B/Delegated Administration Portal. Admin can register users through either portal.
Create users with passwords
Admins can create users with an initial password and decide if the user must set a new password after their first login. The registration form includes all required fields, validates data inline, and ensures compliance with payload and metadata schemas.
 |
Invite users to register
Admins can create a user and invite them to complete account setup. After entering essential user details, the admin creates the user entity. The system automatically sends an email to the user with a link to activate their account and set credentials.
 |
Customize registration invite messages
With the Send invitation option, users receive an email or SMS with an activation link. Admins can fully customize these messages using advanced branding tools.
Developing a custom registration page
SecureAuth provides Identity Pools APIs to help you build custom registration pages for your website or application.
Creating a custom registration page offers advantages like:
Customization. Align the process with your brand.
Enhanced user experience. Tailor the design to user needs.
Stronger security. Manage data protection practices directly.
Flexible integration. Seamlessly connect with other systems.
Actionable Insights. Use data analytics to improve the user journey
Explore more about building a custom registration page.
Customize or send registration messages
Even with a custom page, users receive key messages like account activation notices. You can:
Use the SecureAuth messaging system and customize colors, logos, font sizes, and templates
Generate verification codes through the API and send them using your organization’s preferred channels.
The API returns a plain-text verification code and an extended version, which you can deliver to users however you choose.
Hyper-scale user registration
The SecureAuth efficiently handles large-scale user registrations with scalable infrastructure that adapts to surges in demand. Cloud-based solutions, such as auto-scaling, distributed databases, and load balancers, maintain performance during high registration volumes.
Key optimizations include:
Scaling resources automatically based on registration load and processing delays.
Using virtual queues to manage registrations in batches, preventing system overload.
Employing virtual caches to optimize database communication and reduce latency.
Allowing registered users to authenticate immediately using near-cache data, even if database updates are pending.
Implementing back pressure, rate limiting, and throttling to maintain system efficiency under extreme load.
Adding CAPTCHA to the registration form for added security.
Learn more about how SecureAuth enabled EQL to handle large-scale sales events
Enforcing specific user data during registration
When registering a user in SecureAuth, you can customize the user entity's payload and metadata. These fields store user data, such as attributes like name and group. JSON schemas define the required and optional fields.
During registration, the system verifies whether the user data meets the schema requirements. If it doesn’t, the request fails, and the system returns an error.
On the SecureAuth SaaS platform, self-registration and admin-invitation forms are dynamically rendered based on these schemas. When creating users via API, ensure all required data is provided in the correct format
Preventing user account enumeration
User account enumeration occurs when attackers exploit differences in API responses to determine if a username or email exists on a platform. This vulnerability can expose sensitive data and compromise account security.
SecureAuth prevents account enumeration by implementing:
Consistent error responses
Rate limiting and CAPTCHA challenges
Secure user registration practices
SecureAuth API protections
Generic Success Responses. APIs like self-registration and password reset always return a success message, regardless of backend checks for identifier uniqueness. For example, the registration page asks for a verification code even if none was sent, and users registering with the same identifier receive a message indicating the account already exists.
Enumerated Safe APIs. APIs such as Request Reset Password and or Request Address Verification prevent account enumeration. Learn more about this protection in the API documentation.
Low-Level APIs. APIs like ike Create User and Add User Identifier handle user operations and return detailed error messages. These APIs are typically used by backend processes and require clients to implement their own enumeration prevention strategies.
By combining these measures, SecureAuth reduces the risk of account enumeration attacks and enhances platform security.