Identity Cloud

Identity Store Decision node

Attempts to match the provided username and password with those in the identity store.

If the credentials exist, the node checks whether the profile is locked, the provided password has expired, or the user cancels a password reset.

Outcomes

True

The credentials match those found in the identity store.

False

The credentials do not match those found in the identity store.

Locked

The profile associated with the provided credentials is locked.

Cancelled

The user must change their password. When the journey prompts the user to change their password, the user cancels the password change.

Expired

The profile is found, but the password has expired.

Properties

Property Usage

Minimum Password Length

Specifies the minimum acceptable password length.

Default: 8

Username as Universal Identifier

If you enable this property, the username property is set to the value of the uuid. For example, "username": "c636b756-ba6b-481d-ab4a-ab8c064cb24b".

If this property is false, the value of the username property remains unchanged. For example, "username": "bjensen".

Default: false

  • In new Identity Cloud deployments (starting from 2022.6), this property is false ("username": "bjensen").

  • In a deployment upgrade, this property is true, (username takes the value of the uuid) for compatibility with previous Identity Cloud releases.

  • In a deployment upgrade where this node already includes the property, the value of Username as Universal Identifier remains unchanged.

Example

The Identity Store Decision node in context

Alternative nodes

  • The Data Store Decision node is a simpler node with only two outcomes, True and False. Use this node if the flow only requires these outcomes.

Copyright © 2010-2022 ForgeRock, all rights reserved.