Account Active Decision node
The Account Active Decision node determines whether the current account is both active and unlocked, and lets the journey make a decision, based on that check.
An account is considered locked under these conditions:
-
The status is inactive.
-
The status is active and a duration lockout is set on the account.
An account is considered unlocked under this condition:
-
The status is active and no duration lockout is set on the account.
The node determines whether the account has been locked through both persistent (physical) lockout and duration lockout. For more information, refer to Account lockout.
Compatibility
| Product | Compatible? |
|---|---|
Advanced Identity Cloud |
Yes |
PingAM (self-managed) |
Yes |
Ping Identity Platform (self-managed) |
Yes |
Inputs
The node reads the user’s identity from the shared state. Implement a Platform Username node before this node in the journey.
Outcomes
-
TrueThe journey follows this outcome path if the account is assessed to be
activeandunlocked. -
FalseThe journey follows this outcome path if the account is assessed to be
inactiveorlocked.
Errors
If the node cannot read the identity of the account, it throws the following exception:
Failed to get the identity object
Examples
In this simple login journey, authentication fails if the account is assessed to be inactive or locked.
This example uses the following nodes:
-
The Page node prompts the user to input their username and password:
-
The Platform Username node collects the username and stores it in the shared state.
-
The Platform Password node collects the password and stores it in the shared state.
-
-
The Data Store Decision node uses the username and password to determine whether the account exists.
-
The Account Active Decision node determines whether the account is active and unlocked.
-
If the account is active and unlocked, the Increment Login Count node increments the login count and authentication succeeds.
-
If the account is inactive or locked, the authentication fails.