ForgeRock Identity Platform 7.5

Identify Existing User node

The Identify Existing User node verifies if a user exists based on an identifying attribute, such as an email address, then makes the value of a specified attribute available in the shared node state.

Use this node in a forgotten password flow to fetch a username to email to the user. To display the username on the screen, use the Display Username node instead.

Compatibility

Product Compatible?

PingOne Advanced Identity Cloud

Yes

PingAM (self-managed)

This functionality requires that you configure AM as part of a sample Ping Identity Platform deployment.

Yes

Ping Identity Platform (self-managed)

Yes

Inputs

This node reads the Identity Attribute (default: mail) from the shared node state.

If the Identity Attribute is not available, it reads the userName from the shared node state.

Dependencies

This node depends on IDM to store the user profile.

Configuration

Property Usage

Identifier

The attribute to collect from a managed identity object.

Default: userName

Identity Attribute

The attribute used to identify the managed object in IDM.

When this node serves to recover a username, the identity attribute should be some other attribute that is unique to a user object, such as the email address.

Default: mail

Outputs

The node writes the Identifier and the user account _id to the shared node state.

If the Identifier differs from userName, this node also writes the userName to the shared node state.

Outcomes

True

The node successfully identified the user and updated the shared node state.

False

Any other case.

Errors

This node does not log error or warning messages of its own.

Example

The following example shows a flow to reset a forgotten password:

Use this node to help reset a forgotten password
  • The user enters their email in the Attribute Collector node of the Page node.

  • The Identify Existing User node uses the email address to look up the username of the user’s account. If it finds the user account, it adds the username to the shared node state.

  • The Email Suspend node emails the user and suspends authentication.

  • Once authentication resumes, the Inner Tree Evaluator node sends the user to a different flow to reset their password.

Copyright © 2010-2024 ForgeRock, all rights reserved.