Identity Cloud

Set Session Properties node

The Set Session Properties node adds key:value properties to the user’s session on successful authentication.

You can access session properties using a variable in a webhook. For more information, refer to Configure authentication webhooks.

Compatibility

Product Compatible?

ForgeRock Identity Cloud

Yes

ForgeRock Access Management (self-managed)

Yes

ForgeRock Identity Platform (self-managed)

Yes

Inputs

None. This node does not read shared node state data.

Dependencies

Ensure the user can successfully authenticate and get a session.

If the user never gets a session, this node has no effect.

Configuration

Property Usage

Properties

The session properties to set.

  • To add a session property:

    1. Click , then Add in the Properties modal.

    2. Enter the session property name in the Key field and the value to set in the Value field.

    3. Click Done.

  • To edit a property:

    1. Click its pencil icon ().

    2. Update the Key and Value as when adding properties.

  • To remove a property, click its delete icon ().

When finished, click Save to keep your settings.

Outputs

This node sets session properties; it does not change the shared state data.

This node cannot override system session properties, such as the principal or the authentication level. Use a different journey to re-authenticate the user rather than trying to change such properties with this node.

Outcomes

Single outcome path: when the journey completes successfully, this node sets the configured session properties.

Errors

This node does not log messages of its own.

Examples

The following example uses the Set Session Properties node to update the successURL session property.

  • A first platform journey updates the session property on successful authentication:

    Setting a session property

    When the journey completes successfully, AM updates the successURL in the user’s session data.

  • A second journey uses a script to display the session properties after the user authenticates:

    Showing session properties in the shared state data

    The Scripted Decision node calls the following script to inject the session properties into the shared state data so the journey can display them though a debug popup:

    if (typeof existingSession !== 'undefined') {
      nodeState.putShared('session', existingSession)
      action.goTo('hasSession')
    } else {
      nodeState.putShared('session', null)
      action.goTo('noSession')
    }

    The second journey has Debug mode and Enable Debug Popup selected.

Follow these steps to try the example:

  1. Create both journeys using the journey editor.

  2. Sign in through the first journey with a test user account.

    The browser shows the user profile page.

  3. In the same browser window, browse to the URL for the second journey.

    The debug popup window displays the shared state data including session properties:

    {
        "transactionId": "...",
        "session": {
            "successURL": "<your-success-url>",
            "...": "..."
        },
        "realm": "/alpha",
        "authLevel": 0,
        "username": "test"
    }

    The successURL property is set to <your-success-url>, the one you configured as the value in Properties of the Set Session Properties node.

  4. Sign out as the test user.

  5. Sign in through the default journey as the test user.

    The default journey doesn’t use the Set Session Properties node with your configuration, so it uses the default value for the successURL session property.

  6. In the same browser window, browse to the URL for the second journey again.

    The debug popup window displays the shared state data, including session properties with the default successURL value.

Copyright © 2010-2024 ForgeRock, all rights reserved.