Identity Cloud

User self-service overview

User Self-Service lets your users create and manage their own accounts, while giving you control over what features are available and how they work.

Authentication trees and self-service

The following nodes were created specifically for use in self-service flows, although you can also use them in other authentication flows:

Table 1. Nodes Requiring the ForgeRock Identity Platform

If you are using a third-party node from the ForgeRock Marketplace, check with the developer for compatibility.

The following sample trees are available:


The sample Registration tree describes a basic registration flow, where the user is prompted to provide several profile attributes, then attempts to create the user and log the user in. More information is covered in User self-registration. For more information about configuring registration to include social identity providers, see Social authentication.


The sample Login tree describes a basic login flow, where the user is prompted to provide a username and password, then passed to a progressive profile tree before being logged in. More information about modifying the Login tree is covered in Login with self-service. For more information about including social identity providers in a Login tree, see Social authentication.

Progressive Profiles

The sample Progressive Profile tree is called by the Login tree sample. It checks the login count to see if further action is needed. If no action is required, it returns to the Login tree to complete logging in. If the specified number of logins is reached, it instead checks to see if user preferences have been set, and if not, prompts the user to set those preferences. It then returns to the Login tree to finish logging in. For more information about using progressive profiling, see Progressive profile.

Password Reset

The Password Reset sample tree provides a method for users to reset their password by providing their email and answering some security questions. If the questions are answered correctly, the user is emailed a password reset link, which they must click to proceed. They are then presented with a password prompt to enter a new password. For more information, see Password reset.

Forgotten Username

The Forgotten Username sample tree gives users a method to recover their username by entering an email address. If the email address is associated with a user account, the account’s username will be emailed to the user. The email includes a link to log in, which will take the user through the Login tree. For more information, see Username recovery.

Update Password

The Update Password sample tree lets users change their passwords. The tree assumes that the user has already logged in successfully. It checks the user’s session data and, if the session is valid, prompts the user to update their password. For more information, see Password updates.

Copyright © 2010-2022 ForgeRock, all rights reserved.