Is it easy or difficult to use our developer documentation? Let us know in this short survey ↗

Instructions for

On this page

Sign in with password and email factors

Identity Engine

Note: In proxy model architectures, where a server-side app using the embedded SDK is used as a proxy between client apps and Okta servers, a request context for the client apps is required. Security enforcement is expected to be based on the client request context's IP address and user agent.

However, since these values are currently being derived from the server app rather than the client, this enforcement isn't available. As a result, network zones or behaviors that drive their conditions based on these request context values (geolocation, IP Address, or user agent) won't work until Okta can find a solution to the issue.

Enable a password and email sign-in flow in your app using the embedded SDK.

Learning outcomes

  • Configure your Okta org to use the email authenticator.
  • Challenge a user's identity with password and email factors.

What you need

Identity Engine SDK set up for your own app

Sample code


With the embedded SDK, your app can verify a user's identity using a password and then the email authenticator. The email authenticator can complete its verification using

, a one-time passcode (OTP), or a combination of both.

A representation of the required password and email factors

Update configurations


Summary of steps