ory · vinckr · Aug 23, 2023 · Aug 23, 2023
@@ -9,12 +9,12 @@ import Tabs from "@theme/Tabs"
 import TabItem from "@theme/TabItem"
 ```
 
-# Customize login and registration behavior
+## Customize login and registration behavior
 
 You can customize login and registration flows using Ory Actions. This includes calling external services or logic with webhooks
 and triggering logic that is built-in to Ory, such requiring a verified email address to sign in.
 
-## Trigger external logic with webhooks
+### Trigger external logic with webhooks
 
 Make webhook calls to third-party service providers when users sign up or sign in:
 
@@ -23,7 +23,7 @@ Make webhook calls to third-party service providers when users sign up or sign i
 - [Hubspot](../../actions/integrations/segment.mdx)
 - Other [webhook targets](../../guides/integrate-with-ory-cloud-through-webhooks.mdx)
 
-### Control who registers with additional validation
+#### Control who registers with additional validation
 
 Use Ory Actions to add extra validation that allows you to control exactly who can sign up. For example, you can prevent users
 from signing up when:
@@ -39,7 +39,7 @@ Read the
 [Flow-interrupting webhooks documentation](../../guides/integrate-with-ory-cloud-through-webhooks.mdx#flow-interrupting-webhooks)
 to learn more.
 
-## Revoke previously issued sessions at login
+### Revoke previously issued sessions at login
 
 You can revoke all of the user's active session when they log in to your system. This allows the users to have only one active
 session, and ensures that they access your services from one point of entry (a device, a browser) at a time.
@@ -62,7 +62,7 @@ ory patch identity-config {project_id} \
   --add '/selfservice/flows/login/after/webauthn/hooks=[{"hook": "revoke_active_sessions"}]'
 ```
 
-### Disable session revocation
+#### Disable session revocation
 
 Follow these steps to disable session revocation on login:
 
@@ -104,7 +104,7 @@ Follow these steps to disable session revocation on login:
      --remove '/selfservice/flows/login/after/hooks/1'
    ```
 
-## Allow login only with verified email
+### Allow login only with verified email
 
 To allow only the users with a verified email to sign in, follow these steps:
 
@@ -118,12 +118,12 @@ banner and limit functionality for unverified accounts. This approach helps impr
 
 :::
 
-### First sign in without verification
+#### First sign in without verification
 
 If sessions are issued after registration, users will be signed in after registration, but will need to verify their email address
 before they can sign in using other devices or browsers and get more active sessions as a result.
 
-## Log in users after registration
+### Log in users after registration
 
 When you enable this behavior, users get a session after they sign up. This means that they don't have to sign in with their newly
 created account to get access to your services, but instead can access all the features immediately.

@@ -27,7 +27,7 @@ In this example, we create a new instance of the Ory SDK with the `basePath` set
 define an async function that calls the userinfo function with the `accessToken` passed as a parameter. The `data` contains the
 user attributes returned by the userinfo endpoint.
 
-# Adding custom claims to the userinfo response
+## Adding custom claims to the userinfo response
 
 Any information included in `session.id_token` when accepting the consent request will also be included in the response.