You are supporting clients who use your APIs to build their own custom user interfaces (i.e., "white-label" clients). A key requirement is to ensure that when end-users register for an account via these custom interfaces, they cannot self-register certain types of credentials, specifically phone numbers and email addresses.

The business rule is that this user data must be sourced exclusively from an authoritative directory, such as LDAP or another central identity provider.

While you have already modified your own native UI to prevent this type of self-service registration, the underlying API endpoints still technically allow it. Therefore, the core challenge is to enforce this rule at a foundational level.

The question is: Can you disable self-service registration for specific credential types (phone, email) at the system or platform level, thereby ensuring that no client, regardless of their UI implementation, can bypass this data governance policy?

VIP Authentication Hub

Currently this is an Enhancement request in VIP AuthHub product and Product management team has currently added this as a backlog item and this will be addressed in some future release. This KB article will be updated when we have the feature available in the product.