Identity Cloud hosted pages
Identity Cloud hosts its own UI pages, known as hosted pages. These UI pages are used in journeys and the Identity Cloud End User UI.
The pages are designed to help you quickly create and test common user self-service operations.
For example, the default login journey starts with a sign-in page for capturing username and password. The journey ends with the end-user’s profile page.
There are two types of hosted pages:
Hosted journey pages. Hosted pages for end user login journeys.
Hosted account pages Hosted pages for end user account management, shown after a login journey.
To prevent exposing information contained in the default end-user profile, you can deactivate the profile’s hosted page. You can then use the ForgeRock SDKs or your own APIs to create and host your own custom web pages.
When you deactivate the hosted pages option, Identity Cloud displays the following web page to unauthorized end users:
After you deactivate the default end-user profile, you can still use the hosted end-user journey UI, while denying unauthorized access to end-user profiles. Your customers manage only their own profiles, or delegate administration, using your application.
Afterwards, all hosted pages associated with your tenant are deactivated.
In the Identity Cloud admin UI, open the Tenant menu, and go to Tenant Settings > Global Settings.
Click End User UI.
On the End User UI page, do one of the following:
To activate hosted pages, beside Hosted Account Pages, click Activate. The Global Settings toggle displays the status as Active.
To deactivate hosted pages, beside Hosted Account Pages, click Deactivate. The Global Settings toggle displays the status as Inactive.
The change takes effect immediately.
When you deactivate hosted pages, all hosted pages associated with your tenant are deactivated.
To prevent end users from viewing sensitive information that may appear in generated login, registration, or password reset pages, you can deactivate the default journey. This prevents a user from navigating to the default administrator login journey.
Afterwards, the journey is no longer visible in the tenant UI.
When you deactivate the default journey, Identity Cloud displays the following web page to a user that attempts to navigate to alpha or bravo realm journey:
After you deactivate the default journey, you can still administer the tenant environment while preventing unauthorized access to default journey information.
For an explanation about how hosted pages integrate with the default journey, refer to the Journeys page.
To view more uses and customization of hosted pages, refer to the following links:
Customize login and end user pages - Customize the look and feel of the login (journey) pages. This includes logos, headers, footers, the layout of the overall page, and the actions and information your end users have access to in the Identity Cloud End User UI.
Localize Identity Cloud end-user and login UIs - Support different languages in the UI with localization.
Identity Cloud End User UI screens - Explore an example of a journey and the Identity Cloud End User UI screens that are shown to end users (depending on the configuration).