diff --git a/app/controllers/api/v1/Password.controller.js b/app/controllers/api/v1/Password.controller.js
index f9f172c..b99f336 100644
--- a/app/controllers/api/v1/Password.controller.js
+++ b/app/controllers/api/v1/Password.controller.js
@@ -90,6 +90,10 @@ class PasswordController extends Controller {
         await this.activity.password_reset({ req, ip: req.ip })
         if ( req.trap.has_trap() && req.trap.get_trap() === 'password_reset' ) await req.trap.end()
 
+        if ( req.session.registrant_flow ) {
+            await req.trap.begin('registrant_flow', { session_only: true })
+        }
+
         // invalidate existing tokens and other logins
         await req.user.logout(req)
         await req.user.kickout()
diff --git a/app/controllers/auth/Forms.controller.js b/app/controllers/auth/Forms.controller.js
index 8cefb83..efab877 100644
--- a/app/controllers/auth/Forms.controller.js
+++ b/app/controllers/auth/Forms.controller.js
@@ -11,11 +11,21 @@ class Forms extends FormController {
     }
 
     async registration_provider_get(req, res, next) {
+        if ( req.session.auth.flow ) {
+            req.session.registrant_flow = req.session.auth.flow
+        }
+
         return res.page('auth:register', {
             ...this.Vue.data({})
         })
     }
 
+    async finish_registration(req, res, next) {
+        if ( req.trap.has_trap() && req.trap.get_trap() === 'registrant_flow' ) await req.trap.end()
+        const dest = req.session.registrant_flow || '/dash/profile'
+        return res.redirect(dest)
+    }
+
     async login_provider_get(req, res, next) {
         const Setting = this.models.get('Setting')
 
diff --git a/app/routing/routers/auth/forms.routes.js b/app/routing/routers/auth/forms.routes.js
index e979d67..fe04125 100644
--- a/app/routing/routers/auth/forms.routes.js
+++ b/app/routing/routers/auth/forms.routes.js
@@ -67,6 +67,11 @@ const index = {
             'controller::auth:Forms.logout_provider_present_success',
         ],
 
+        '/finish-registration': [
+            'middleware::auth:UserOnly',
+            'controller::auth:Forms.finish_registration',
+        ],
+
         '/login-message': [
             'middleware::auth:UserOnly',
             'controller::api:v1:System.show_login_message',
diff --git a/config/traps.config.js b/config/traps.config.js
index 064fbb0..7129bea 100644
--- a/config/traps.config.js
+++ b/config/traps.config.js
@@ -29,6 +29,18 @@ const traps_config = {
                 '/auth/login-message/dismiss',
             ],
         },
+        registrant_flow: {
+            redirect_to: '/auth/finish-registration',
+            allowed_routes: [
+                '/auth/finish-registration',
+                '/auth/logout',
+                '/auth/login',
+                '/api/v1/locale/batch',
+                '/api/v1/auth/validate/username',
+                '/api/v1/auth/attempt',
+                '/api/v1/vault/get-trust-payload',
+            ],
+        },
     },
 }