Security business menu
Security business
HOME
To be elected
cause
Service
Handling Manufacturer
Examples/reports/
Blog/Glossary
Seminar/
video on demand
Event/Seminar
video on demand

Okta

Octa

Introduction

When providing web services and applications for general consumers, it is required to set a step of agreeing to the terms of use at the time of user registration from the viewpoint of various laws such as the Personal Information Protection Law. Furthermore, as stated in the Ministry of Economy, Trade and Industry's "Regulations Concerning Electronic Commerce and Information Property Transactions (April 2022)", after clearly indicating the existence of the terms of use and privacy policy, consent The point is to have them check to the effect that they will do so.

This page introduces setting examples and actual operations for obtaining consent to terms of use that can be achieved using Okta CIC (Auth0) standard functions.

Configuration example and actual operation

Overview of Consent Acquisition and Management Features in Auth0

Various implementation requirements are assumed in the procedure for obtaining consent to terms of use for web services and applications.

  • Display of terms of use (displaying the full text, providing a URL link to the page where the terms of use are posted, etc.)
  • Request for consent acquisition action (explicit consent action such as check operation, consent action that also serves as other operation such as user registration button, etc.)

The range that can be achieved with Auth0 standard functions is as follows.

  • Obtaining agreement to the terms of use on the user screen provided by Auth0
  • URL link to the Terms of Use page and consent Box placement (Using Universal Login function)
  • Store consent acquisition information in user metadata (using Actions function)
  • Page transition to obtain agreement to terms of use on pages outside of Auth0
  • Transition to terms of use/consent acquisition page provided outside of Auth0, such as linked applications (using Actions function)

On this page, we will introduce a setting example for Classic Universal Login to achieve ①.

With the product update in February 2024, it is now possible to place Box on the screen even in New Universal Login.

Assumptions and precautions

The setting examples on this page are for web applications that are linked to Auth0.
Additionally, the information regarding functions and settings described on this page is current as of February 2024.

Setting example: Acquisition of consent at the time of user registration (check Box)

1.On the Auth0 management screen, click [Branding] > [Universal Login]

2. Click [Advanced Options]

3. Select Login tab

4. Enable [Customize Login Page] (By enabling it, the editor becomes editable)

5. Edit the code as follows
▼Adding check Box

▼ Added a Japanese message for obtaining consent and a link to the Terms of Use page

6. Click Save Changes

Operation example: Consent acquisition (check Box) at the time of user registration

1. Log in on the Auth0-linked web application screen and transition to the user registration screen (Universal Login: Classic version) provided by Auth0.
2. On the user registration screen, confirm that a message agreeing to the terms of use (including a link to the terms of use) and a check Box for obtaining consent are displayed.

Setting example: Management of consent acquisition information

1.In the Auth0 administration screen, click [Actions] > [Library].

2. Click [Build Custom]

3. Select the name of the action to be created, the action's trigger, and the execution environment, then click [Create].

4. Write the logic for managing consent acquisition information in JavaScript in the code editor on the setting screen.
Here, as an example, describe the logic to store the date and time of consent acquisition (= user registration), the consent acquisition flag, and the version of the agreed terms of use as the registered user's Metadata.

5. Click [Deploy]

6. Confirm that the created Action was successfully deployed

7.On the Auth0 management screen, click [Actions] > [Flows]

8. Select the Flow that incorporates the created Action
Here, click [Pre User Registration]

9. Drag and drop the created Action displayed in the Custom tab on the right side of the screen and incorporate it into the flow diagram on the left side of the screen

10. Click [Apply]

11.Confirm that it was reflected normally

Operation example: Management of consent acquisition information

1. Log in on the Auth0-linked web application screen and transition to the user registration screen (Universal Login: Classic version) provided by Auth0.
2. On the user registration screen, check Box for agreeing to the terms of use, and perform user registration (click [Continue]).
3.On the Auth0 administration screen, click [User Management] > [Users]

 

4. From the displayed user list, select the user registered in 2.
5. Check the Metadata column on the Details tab and confirm that the consent acquisition information is stored

Summary

This page introduced how to obtain consent to the terms of use using Auth0's standard features. You can try this feature in the free Auth0 trial environment.

In addition to the consent acquisition function introduced this time, Auth0 has a group of functions necessary for realizing the authentication process in web services and applications. If you are interested in Auth0, please contact us.

reference

Click here for a list of Customer Identity Cloud (Auth0) basic setting operation guides

Inquiry/Document request

In charge of Macnica Okta Co., Ltd.

inquiry Document request

Mon-Fri 8:45-17:30