AM 7.3.1

Recovery Code Display node

Retrieves generated recovery codes from the transient state and presents them to the user, for safe-keeping. The codes can be used to authenticate if a registered device is lost or stolen.

Generated recovery codes are inserted into transient state when evaluation continues along the Success outcome path of the MFA nodes configured to generate recovery codes. Connect this node to the Success outcome path to display the codes.

If no recovery codes are available in transient state, evaluation continues along the only outcome path, and nothing is displayed to the user.

Generated recovery codes cannot be retrieved from the user’s profile—​they are one-way encrypted.

This node is the one and only opportunity to view and save the recovery codes.


Single outcome path.


This node has no configurable properties.


The following shows example output of this node:

The Recovery Code Display node in context
Copyright © 2010-2024 ForgeRock, all rights reserved.