Identity Cloud

Retry Limit Decision node

Permits the specified number of passes through to the Retry outcome path before continuing evaluation along the Reject outcome path.

Compatibility

Product Compatible?

ForgeRock Identity Cloud

Yes

ForgeRock Access Management (self-managed)

Yes

ForgeRock Identity Platform (self-managed)

Yes

Inputs

The node takes the user ID from the shared state.

Outputs

If Save Retry Limit to User is enabled, the node increments the retry count and saves the number of failed attempts in the retryLimitNodeCounts property of the user profile. If the user can’t be identified as part of the journey context, the journey ends with an error.

If Save Retry Limit to User is disabled, the node increments the retry count and saves the number of failed attempts in a shared state property named nodeId.retryCount. The count is lost if the journey is restarted.

Prerequisites

None

Configuration

Property Usage

Retry limit

Specify the number of retries to allow.

Default: 3

Save Retry Limit to User

Specify whether the number of failed login attempts persists across multiple journeys until authentication is successful. Possible values are:

Enabled

The node saves the number of failed login attempts to the user’s profile. New flows using this node start with the stored value and continue to the retry limit.

AM resets the count after the user authenticates successfully with an authentication journey that contains this node.

If AM cannot find the user’s profile, authentication ends with an error.

Disabled

The node saves the number of failed login attempts in a shared state property named nodeId.retryCount and discards the value when the authentication journey ends.

For security reasons, you should enable this setting.

Default: Enabled.

Outcomes

  • Retry

  • Reject

Example

A RetryLimit authentication journey, showing Retry Limit Decision node use.
Copyright © 2010-2024 ForgeRock, all rights reserved.