Identity Cloud

Identity Store Decision node

Attempts to match the provided username and password with those in the identity store.

If the credentials exist, the node checks whether the profile is locked, the provided password has expired, or the user cancels a password reset.



The credentials match those found in the identity store.


The credentials do not match those found in the identity store.


The profile associated with the provided credentials is locked.


The user must change their password. When the journey prompts the user to change their password, the user cancels the password change.


The profile is found, but the password has expired.


Property Usage

Minimum Password Length

Specifies the minimum acceptable password length.

Default: 8

Username as Universal Identifier

If you enable this property, the username property is set to the value of the uuid. For example, "username": "c636b756-ba6b-481d-ab4a-ab8c064cb24b".

If this property is false, the value of the username property remains unchanged. For example, "username": "bjensen".

Default: false

  • In new Identity Cloud deployments (starting from 2022.6), this property is false ("username": "bjensen").

  • In a deployment upgrade, this property is true, (username takes the value of the uuid) for compatibility with previous Identity Cloud releases.

  • In a deployment upgrade where this node already includes the property, the value of Username as Universal Identifier remains unchanged.

Use mixed case for password change messages

Defines whether password change messages are returned in mixed (sentence) case or transformed to uppercase.

By default password reset and password change messages are transformed to upper case. Enable this setting to return messages in sentence case.

Default: Disabled


The Identity Store Decision node in context

Alternative nodes

  • The Data Store Decision node is a simpler node with only two outcomes, True and False. Use this node if the flow only requires these outcomes.

Copyright © 2010-2024 ForgeRock, all rights reserved.