Manage Journeys
Identity Cloud comes with pre-configured end-user journeys (formerly called trees). A journey is an end-to-end workflow invoked by an end user or device. Common journeys are account registration and sign-in, for example. Identity Cloud provides templates for common end-user journeys.
You can use the drag-and-drop Journeys editor to configure or modify any of the ready-to-use templates Identity Cloud provides:
- Authentication template
-
Use the Login authentication template to configure sign-in journeys.
- User self-service templates
-
Use a self-service template to let end users manage their accounts or resolve simple password issues without having to engage a system administrator.
- Custom journey
-
Start with a blank canvas when you want to build a custom journey. Drag and drop nodes from the Journeys palette.
- Default end-user journey
-
This is the journey Identity Cloud displays to your end users when they access your default webpage URL. For example, application webpages commonly display a Sign-In link. When the user clicks the link, the Login journey is invoked by default.
There are two ways to set a default end-user journey:
-
To set a new end-user journey as the default:
In the New Journey dialog box, or in the Duplicate Journey dialog box, enable the option: Default journey for end users. -
To set an existing end-user journey as the default:
In the Admin UI, click Journeys to view the Journeys list.
Find the existing journey you want to set as the default. Then from its More (⋯) menu, choose Set as default.
-
- Device profiling support
-
Use the ForgeRock SDKs to create authentication journeys based on device context. See Configure Device Profiling Authentication.
Make a duplicate journey when you want to preserve a template for future use. For example, if you are testing a journey, start with a duplicate. Be sure to give the duplicate journey a unique name. You can create a duplicate journey in two ways:
|
For deep dives into how the journey editor works, see:
-
Authentication Nodes and Trees in the ForgeRock Authentication and SSO Guide.
-
"About User Self-Service" in the ForgeRock Self-Service Reference.
Authentication templates
Login
Create a basic Login journey to let end users authenticate and sign into your app or service using username and password.
Show me the default login journey:

-
In the Admin UI, go to Journeys > Login.
-
Click Edit.
-
Enter details for each node in the Login journey:
-
(Optional) If you don't want to count logins:
-
Select the node, and click Delete.
-
Create a link from Created to checkmark.
-
-
For information about all available nodes, see Authentication Nodes Configuration Reference.
-
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
Device profiling
Use the ForgeRock SDK to create journeys that let inanimate objects authenticate based on device context. Cell phones and smartwatches are examples of devices that have own identities. Device context provides Identity Cloud with information about how or where a devices is used to authenticate.
For detailed instructions, see Configure Device Profiling Authentication.
User self-service templates
Registration
Create a registration journey to let end users create their own account for your app or service.
Show me the default registration journey:

-
In the Admin UI, go to Journeys > Registration.
-
Click Edit.
-
Enter details for each node in the Registration journey.
-
(Optional) If you don't want to count logins:
-
Select the node, and click Delete.
-
Create a link from Created to checkmark.
-
-
For information about all available nodes, see Authentication Nodes Configuration Reference.
-
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
Progressive profile
Create a Progressive Profile journey to when you want to trigger a conditional event in the end user’s journey.
The default journey triggers a reminder for the end user to set their preferences for receiving news and special offers. The reminder is displayed only if the end user logs in three times without selecting preferences. If the end user makes no selection, the reminder expires and is not displayed again. If the end user selects one or more options, the preferences get set in the end-user’s profile.
Show me the default progressive profile journey:

-
In the Admin UI, go to Journeys > Progressive Profile.
-
Click Edit.
-
Provide details for these nodes in the Progressive Profile journey:
-
In the Admin UI, go to Journeys > Progressive Profile.
-
Provide details for these nodes in the Progressive Profile journey:
-
For information about all available nodes, see Authentication Nodes Configuration Reference.
-
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
Update password
Create an Update Password journey to let end users change their existing passwords. End users may be required to change their password at regular intervals. Or they might have to change a password that’s been compromised.
-
In the Admin UI, go to Journeys > Update Password.
-
Click Edit.
-
Provide details for these nodes in the Update Password journey:
-
For information about all available nodes, see Authentication Nodes Configuration Reference.
-
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
Reset password
Create a Reset Password journey to let end users change their existing passwords. End users typically reset their passwords when they’ve forgotten the password they set.
Show me the default reset password journey:

-
In the Admin UI, go to Journeys > Reset Password.
-
Click Edit.
-
Provide details for these nodes in the Reset Password journey:
-
For information about all available nodes, see Authentication Nodes Configuration Reference.
-
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
Forgotten username
Create a Forgotten Username journey to let end users retrieve their username from their user account data.
Show me the default forgotten username journey:

-
In the Admin UI, go to Journeys > Forgotten Username.
-
Click Edit.
-
Provide details for these nodes in the Forgotten Username journey:
-
For information about all available nodes, see Authentication Nodes Configuration Reference.
-
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
Custom journey
Create a custom journey when none of the ready-to-use templates suits your needs.
-
In the Admin UI, click Journeys.
-
Click + New Journey.
-
Enter journey details.
Journey Details:
-
Name: Name to display in the Journeys list.
-
Identity Object: Identifier for the user or device to authenticate
-
(Optional) Description: Summarize end-user interaction.
-
(Optional) Tags: For organizing journeys to make them easier to find.
-
-
Click Create journey.
-
Use the journey editor to create your custom journey.
Drag nodes from the palatte and arrange them on the blank canvas. -
Provide information for each node.
For information about all available nodes, see Authentication Nodes Configuration Reference. -
To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.
-
When you’re satisfied with your journey, click Save.
More information
For deep dives into how the journey editor works, see:
-
Authentication Nodes and Trees in the ForgeRock Authentication and SSO Guide.
-
"About User Self-Service" in the ForgeRock Self-Service Reference.
-
For information about all available nodes, see Authentication Nodes Configuration Reference.