Nodes
This section provides a description of each Autonomous Access node you can use within your journeys.
The Autonomous Access nodes do not require any custom coding or connectors to implement within a journey.
When customers purchase this add-on service, the nodes appear in the Identity Cloud Journeys section under Autonomous Access.
Signal node
The Autonomous Access Signal node is a construction node where you specify the heuristics and/or anomaly detection to be included in risk score generation during the AI/ML pipelines. By default, all heuristics and anomaly detection are enabled, but you can specify multiple combinations depending on the use case.
The input typically comes from the Data Store Decision node, but may come from other similar nodes where Autonomous Access can obtain a user ID (for example, username collector). The output must connect to the Autonomous Access Decision node for actionable paths.
The signal node creates a transaction ID and sends an API call to the Autonomous Access server for information. In response, the Autonomous Access returns the risk scores and additional information associated with the transaction ID. The output connects to the Autonomous Access Decision or a custom scripted node for some actionable paths.
| Heuristic | Usage |
|---|---|
Anomaly detection |
Detects behavioral anomalies based on user city, country, day of week, time of day, operation system (OS), OS version, device, device type, and browser type. |
Credential Stuffing |
Detects if an IP address is trying to access a number of users over a period of time. |
Suspicious IP Check |
Detects if an IP is making many authentication attempts. |
Automated User Agent Filter |
Detects automated bots in the user-agent string. |
Impossible Traveller Prevention |
Detects if a user is moving between two locations at an impossible speed. |
Brute Force Prevention |
Detects direct users failing multiple authentication attempts. |
Decision node
The Decision node takes the data sent by the Signal node and lets you direct the flow to actionable paths depending on where the risk score falls within the range of high, medium, low, and unknown scores. The full range of scores is from 0 to 100, where 0 indicates no risk and 100 indicates the highest risk.
The node takes its input from the signal node and outputs to some corresponding path depending on the journey’s configuration.
Unknown risk scores occur when a risk score could not be calculated during the AI/ML pipeline runs for the following reasons: 1) not enough data points for the AI/ML analytics, 2) service is down, and 3) timeout.
| If you want a more granularity for the risk score ranges, you can use a custom scripted node in place of the out-of-the-box decision node. Contact ForgeRock and refer to Scripted decision node API. |
| Property | Usage |
|---|---|
Low risk threshold |
Sets the maximum (inclusive) value for low risk score threshold. For example, if the low risk threshold is 30; then, the low risk range is from 0 to 30. |
Medium risk threshold |
Sets the maximum (inclusive) value for the medium range of scores. For example, if the medium risk threshold is 70, values between 31 (that is, the low risk threshold) to 70 specify the range for medium risk scores. Values between 71 and 100 are defined as the high risk score range. |
Result node
The Result node provides the final outcome and risk prediction results from the AI/ML analytics.
| The Result node must be present before the success and failure nodes for data collection. |
| Property | Usage |
|---|---|
Success |
Indicates a successful journey outcome. |
Failure |
Indicates a failed journey outcome. |