Zero Page Login Collector node

The Zero Page Login Collector node verifies the presence of specific HTTP username and password headers in the incoming authentication request. If the headers exist, the node uses their corresponding values as the provided username and password.

The Zero Page Login Collector node is commonly used to:

Connect the Has Credentials outcome connector to the input of a Data Store Decision node.
Connect the No Credentials outcome connector to the input of a Platform Username node followed by a Platform Password node, and then into the same Data Store Decision node.

The password collected by this node remains in the node state only until the journey reaches the next node that requires user interaction.

Compatibility

Product	Compatible?
ForgeRock Identity Cloud	Yes
ForgeRock Access Management (self-managed)	Yes
ForgeRock Identity Platform (self-managed)	Yes

Product

Compatible?

ForgeRock Identity Cloud

Yes

ForgeRock Access Management (self-managed)

Yes

ForgeRock Identity Platform (self-managed)

Yes

Inputs

HTTP username header
HTTP password header
An allowlist of referrers if Allow Without Referer property is disabled. When you set the Allow Without Referer property to false, the request must contain a referrer from the allowlist; otherwise, the journey ends in a failure.

Dependencies

None.

Configuration

Properties

Property Usage

Username Header name

Enter the name of the header that contains the username value.

Default: X-OpenAM-Username

Password Header name

Enter the name of the header that contains the password value.

Default: X-OpenAM-Password

Allow without referer

If enabled, the node accepts incoming requests that do not contain a Referer HTTP header. If a Referer HTTP header is present, the value is not checked.

If disabled, a Referer HTTP header must be present in the incoming request, and the value must appear in the Referer allowlist property.

Default: Enabled

Referer Whitelist

Specify a list of URLs allowed in the Referer HTTP header of incoming requests. An incoming request containing a Referer HTTP header value not specified in the allowlist causes evaluation to continue along the No Credentials outcome path.

You must disable the Allow Without Referer property for the referer allowlist property to take effect.

Outputs

The collected credentials from the headers.

Outcomes

Has Credentials
No Credentials

Evaluation continues along the Has Credentials outcome path if the specified headers are available in the request, or the No Credentials path if the specified headers are not present.

Errors

If more than one header value exists for username and/or password, the node returns the following error message: "Expecting only one header value for username and/or password but size is {}."
If the node can’t decode the header values, the node returns the following error message: "Could not decode username or password header."

Identity Cloud