Identity Cloud

Nodes

This section provides a description of each Autonomous Access node you can use within your journeys.

The Autonomous Access nodes do not require any custom coding or connectors to implement within a journey. When customers purchase this add-on service, the nodes appear in the Identity Cloud Journeys section under Autonomous Access.

Signal node

The Autonomous Access Signal node is a construction node where you specify the heuristics and/or anomaly detection to be included in risk score generation during the AI/ML pipelines. By default, all heuristics and anomaly detection are enabled, but you can specify multiple combinations depending on the use case.

The input typically comes from the Data Store Decision node, but may come from other similar nodes where Autonomous Access can obtain a user ID (for example, username collector). The output must connect to the Autonomous Access Decision node for actionable paths.

The signal node creates a transaction ID and sends an API call to the Autonomous Access server for information. In response, the Autonomous Access returns the risk scores and additional information associated with the transaction ID. The output connects to the Autonomous Access Decision or a custom scripted node for some actionable paths.

auto access node signal

Table 1. Signal node heuristics
Heuristic Usage

Anomaly detection

Detects behavioral anomalies based on user city, country, day of week, time of day, operation system (OS), OS version, device, device type, and browser type.

Credential Stuffing

Detects if an IP address is trying to access a number of users over a period of time.

Suspicious IP Check

Detects if an IP is making many authentication attempts.

Automated User Agent Filter

Detects automated bots in the user-agent string.

Impossible Traveller Prevention

Detects if a user is moving between two locations at an impossible speed.

Brute Force Prevention

Detects direct users failing multiple authentication attempts.

Decision node

The Decision node takes the data sent by the Signal node and lets you direct the flow to actionable paths depending on where the risk score falls within the range of high, medium, low, and unknown scores. The full range of scores is from 0 to 100, where 0 indicates no risk and 100 indicates the highest risk.

The node takes its input from the signal node and outputs to some corresponding path depending on the journey’s configuration.

Unknown risk scores occur when a risk score could not be calculated during the AI/ML pipeline runs for the following reasons: 1) not enough data points for the AI/ML analytics, 2) service is down, and 3) timeout.

auto access node decision

If you want a more granularity for the risk score ranges, you can use a custom scripted node in place of the out-of-the-box decision node. Contact ForgeRock and refer to Scripted decision node API.
Table 2. Decision node properties
Property Usage

Low risk threshold

Sets the maximum (inclusive) value for low risk score threshold. For example, if the low risk threshold is 30; then, the low risk range is from 0 to 30.

Medium risk threshold

Sets the maximum (inclusive) value for the medium range of scores. For example, if the medium risk threshold is 70, values between 31 (that is, the low risk threshold) to 70 specify the range for medium risk scores. Values between 71 and 100 are defined as the high risk score range.

Result node

The Result node provides the final outcome and risk prediction results from the AI/ML analytics.

The Result node must be present before the success and failure nodes for data collection.

auto access node result

Table 3. Result node properties
Property Usage

Success

Indicates a successful journey outcome.

Failure

Indicates a failed journey outcome.

Copyright © 2010-2022 ForgeRock, all rights reserved.