Identity Cloud

Journeys

Overview

Identity Cloud comes with pre-configured end-user journeys (formerly called trees). A journey is an end-to-end workflow invoked by an end user or device. Identity Cloud provides templates for common end-user journeys; for example, account registration and sign-in.

You can use the hosted pages theme editor to configure or modify the layout and appearance of journeys.

You can use the drag-and-drop journey editor to configure or modify the journey templates:

Authentication template

Use the Login authentication template to configure sign-in journeys.

User self-service templates

Use a self-service template to let end users manage their accounts or resolve simple password issues without having to engage a tenant administrator.

Custom journey

Start with a blank canvas when you want to build a custom journey, and drag and drop nodes from the nodes list.

Default end-user journey

The journey Identity Cloud displays to end users when they access a default webpage URL. For example, application webpages commonly display a sign-in link. When the end user clicks the link, the Login journey is invoked by default.

Set a default end-user journey as follows:

  • Set a new journey as the default:

    • In the Identity Cloud admin UI, click Journeys and New Journey.

    • On the New Journey page, enable the option Default journey for end users.

  • Set an existing journey as the default:

    • In the Identity Cloud admin UI, click Journeys to view the list of journeys.

    • Select a journey, and click and Set as default.

Device profiling support

Use the ForgeRock SDKs to create authentication journeys based on device context. For more information, refer to Configure device profiling authentication.

Scripting

Add JavaScript to a scripted decision node to customize the outcome of an authentication journey.

Use the auth scripting editor to do the following:

Authentication templates

Login

Create a basic Login journey for end users to authenticate and sign in to an app or service with a username and password.

Show me the default login journey
login
  1. In the Identity Cloud admin UI, go to Journeys > Login.

  2. Hover over the journey schematic, and click Edit.

  3. Enter information for each node in the journey:

  4. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  5. When you’re satisfied with your journey, click Save.

Device profiling

Use the ForgeRock SDK to create journeys that let inanimate objects authenticate based on device context. Cell phones and smartwatches are examples of devices that have their own identities. Device context provides Identity Cloud with information about how or where a device is used to authenticate.

For detailed instructions, refer to Configure device profiling authentication.

User self-service templates

Registration

Create a registration journey to let end users create their own account for an app or service.

Show me the default registration journey
register
  1. In the Identity Cloud admin UI, go to Journeys > Registration.

  2. Hover over the journey schematic, and click Edit.

  3. Enter information for each node in the journey:

  4. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  5. When you’re satisfied with your journey, click Save.

Progressive profile

Create a Progressive Profile journey to trigger a conditional event in the journey.

The default journey triggers a reminder to set preferences for receiving news and special offers. The reminder is displayed only if the end user logs in three times without selecting preferences. If the end user makes no selection, the reminder expires and is not displayed again. If the end user selects one or more options, the preferences get set in the end user’s profile.

Show me the default progressive profile journey
progressive login
  1. In the Identity Cloud admin UI, go to Journeys > Progressive Profile.

  2. Hover over the journey schematic, and click Edit.

  3. Enter information for each node in the journey:

  4. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  5. When you’re satisfied with your journey, click Save.

Update password

Create an Update Password journey to let end users change their passwords. End users may be required to change passwords at regular intervals or if a password is compromised.

  1. In the Identity Cloud admin UI, go to Journeys > Update Password.

  2. Hover over the journey schematic, and click Edit.

  3. Enter information for each node in the journey:

  4. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  5. When you’re satisfied with your journey, click Save.

Reset password

Create a Reset Password journey to let end users change their existing passwords. End users typically reset their passwords when they’ve forgotten the password they set.

Show me the default reset password journey
reset password
  1. In the Identity Cloud admin UI, go to Journeys > Reset Password.

  2. Hover over the journey schematic, and click Edit.

  3. Enter information for each node in the journey:

  4. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  5. When you’re satisfied with your journey, click Save.

Forgotten username

Create a Forgotten Username journey to let end users retrieve their username from their user account data.

Show me the default forgotten username journey
forgot username
  1. In the Identity Cloud admin UI, go to Journeys > Forgotten Username.

  2. Hover over the journey schematic, and click Edit.

  3. Enter information for each node in the journey:

  4. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  5. When you’re satisfied with your journey, click Save.

Custom journeys

Create a custom journey when none of the ready-to-use templates suits your needs.

  1. In the Identity Cloud admin UI, click Journeys.

  2. Click + New Journey.

  3. Enter journey details.

    Journey Details:
    • Name: Name to display in the Journeys list.

    • Identity Object: Identifier for the user or device to authenticate.

    • (Optional) Description: Summarize end user interaction.

    • (Optional) Tags: For organizing journeys to make them easier to find.

  4. Click Create journey.

  5. Use the journey editor to create your custom journey.
    Drag nodes from the palette and arrange them on the blank canvas.

  6. Provide information for each node, and connect nodes
    For information about all available nodes, refer to Authentication nodes configuration reference.

  7. To test the journey, copy the Preview URL, and paste the URL into a browser using Incognito or Browsing mode.

  8. When you’re satisfied with your journey, click Save.

Duplicate journeys

Duplicate a journey to preserve a template for future use. For example, if you are testing a journey, start with a duplicate. Give the duplicate journey a unique name.

Create a duplicate journey in the following ways:

  • Click Journeys to view the existing journeys list. Find the template name. Then, click its More () menu, and choose Duplicate.

  • In the Journey editor, click More (), and choose Duplicate.

Export journeys

You can export journeys, including all dependencies like nodes, inner trees, and scripts.

Use this feature to export journeys from one environment, such as a development environment, to another.

  1. In the Identity Cloud admin UI, go to Journeys.

  2. Check the checkbox beside one more journeys.

  3. Click Export.

  4. View the information on the Export Journeys page.

  5. Click Export.

Import journeys

You can import journeys, including all dependencies such as nodes, inner trees, and scripts.

Use this feature to import a journey from one environment, such as a development environment, to another.

  1. In the Identity Cloud admin UI, go to Journeys, and click Import.

  2. Download or skip back up:

    • Download a backup of your existing journeys so that you can restore them in case of error or unexpected behavior during or after import:

      1. To view the backup summary, click Show backup summary.

      2. Click Download Backup.

    • Skip the download:

      1. Click Skip Backup.

      2. In the dialog box, click Skip Backup again.

  3. Configure the import:

    1. On the Import Journeys page, browse to and select a JSON file that contains the journey’s configurations to import.

    2. Select the identity object that the journey authenticates.

    3. In the Conflict Resolution section, choose how the system resolves import conflicts:

      • Overwrite all conflicts (default)

      • Manually pick conflict resolution

    4. Click Next.

    5. Review the information on the Import Summary page.

    6. Click Start Import.

    7. On the Import Complete page, click Done.

More information

For deep dives into how the journey editor works, see:

Copyright © 2010-2022 ForgeRock, all rights reserved.