Identity Cloud

Nodes

This section covers the configuration of the Autonomous Access nodes that are built into AM.

The Autonomous Access nodes do not require any custom coding or connectors to implement within a journey. When customers purchase this add-on service, the nodes appear in the Identity Cloud Journeys section under Autonomous Access.

Signal node

The Autonomous Access signal node is a construction node where you specify the heuristics and/or anomaly detection to include in risk score generation during the AI/ML pipelines. By default, all heuristics and anomaly detection are enabled, but you can specify multiple combinations depending on the use case.

The input typically comes from the Data Store Decision node, but may come from other similar nodes (for example, username collector). The output must connect to the Autonomous Access Decision node for actionable paths.

auto access node signal

Table 1. Signal node properties
Property Usage

Anomaly detection

Detects behavioral anomalies based on user city, country, day of week, time of day, operation system (OS), OS version, device, device type, and browser type.

Credential Stuffing

Detects if the IP address is frequently used across a number of users.

Suspicious IP Check

Detects if many different users are coming from the same IP address.

Automated User Agent Filter

Detects automated bots in the user-agent string.

Impossible Traveller Prevention

Detects if a user is moving between two locations at an impossible speed.

Brute Force Prevention

Detects direct users failing multiple authentication attempts.

Decision node

The Decision node lets you set the ranges for high, medium, low, and unknown risk scores. The full range of scores is from 0 to 100, where 0 indicates no risk and 100 indicates the highest risk.

The node takes its input from the signal node and outputs to some corresponding path depending on the journey’s configuration.

Unknown risk scores occur when a risk score could not be calculated during the AI/ML pipeline runs for the following reasons: 1) not enough data points for the AI/ML analytics, 2) service is down, and 3) timeout.

auto access node decision

Table 2. Decision node properties
Property Usage

Low risk threshold

Sets the maximum (inclusive) value for low risk score threshold. For example, if the low risk threshold is 30; then, the low risk range is from 0 to 30.

Medium risk threshold

Sets the maximum (inclusive) value for the medium range of scores. For example, if the medium risk threshold is 70, values between 31 (that is, the low risk threshold) to 70 specify the range for medium risk scores. Values between 71 and 100 are defined as the high risk score range.

Result node

The Result node provides the final outcome and risk prediction results from the AI/ML analytics.

The Result node must be present before the success and failure nodes for data collection.

auto access node result

Table 3. Result node properties
Property Usage

Success

Indicates a successful journey outcome.

Failure

Indicates a failed journey outcome.

Copyright © 2010-2022 ForgeRock, all rights reserved.