Configure privacy & terms

By default, when your end users create an account, they are explicitly agreeing to your terms of service and privacy policy. Legal acceptance links on Hosted Login screen

The terms of service and privacy policy links should be updated to point to your own pages containing your legal text. See the Links section for updating these links.

Privacy & Terms Tracking

Hosted Login has built-in functionality to store data about the user’s acceptance of your terms of service and privacy policy. This data is stored in the user’s record within a plural object called legalAcceptances. legalAcceptances data in user record

Hosted Login will also prompt the user to accept again when you formally update your legal text. Hosted Login legal acceptance screen

You can leverage this functionality by using the following settings in the Identity Cloud Console:

Setting Name Example Value What it Does How to Use
legal_acceptance_id_1 privacyPolicy-v1 This value is written to the user record upon acceptance When you make a meaningful change to your legal text, update this setting to reflect the new version (Example: privacyPolicy-v2)
legal_acceptance_id_2 termsOfService-v1 This value is written to the user record upon acceptance When you make a meaningful change to your legal text, update this setting to reflect the new version (Example: termsOfService-v2)
authorization.rules.legal_accepted ["privacyPolicy-v1", "termsOfService-v1"] This array is compared to the user record upon login; a mismatch will prompt the user to accept the new terms When you make a meaningful change to your legal text, update the pertinent value(s) in this array. The values in this array must match the above two settings.

By default, these settings are placed at the Global level and have placeholder values. You can update these setting values to represent your real privacy & terms versions and naming conventions:

  1. Navigate to the Identity Cloud Console
  2. Click on your application in the left column navigation
  3. Click to open MANAGE APPLICATION
  4. Click the EDIT SETTINGS button at the top of the Global Settings section
  5. Locate these three settings and update their values to match your current privacy & terms versions Legal acceptance settings in Console
  6. Click the Save icon (Save button)

Tip! These settings can be maintained at the Global level and/or at the Property level. Where you maintain them depends on whether your legal text is handled globally across all your sites, handled separately per site, or a mix of both.

For more information and other available authorization rules, see Authorization rules.