Configure Multiple User Self-Registration Flows

You can set up multiple self-registration flows, with features limited only by the capabilities listed in Self-Registration.

Note

Multiple self-registration flows, and customization of the End User UI beyond what is described in this document (and the noted public Git repository), are not supported.

For additional information on customizing the End User UI, see the following ForgeRock Git repository: ForgeRock/end-user-ui: Identity Management (End User).

For example, you may want to set up different portals for regular employees and contractors. You'd configure each portal with different self-registration flows, managed by the same IDM backend. Each portal would use the appropriate registration API.

To prepare for this section, you'll need a selfservice-registration.json file. You can find a copy in the following directory: /path/to/openidm/samples/example-configurations/self-service.

To avoid errors when using this file, you should either:

  • Copy the following files from the same directory:

    selfservice.terms.json
    selfservice-termsAndConditions.json

  • Delete the termsAndConditions code block from the respective selfservice-registration*.json files.

User self-registration is normally coded in the selfservice-registration.json file. In preparation, copy this file to the selfservice-registration*.json to the names shown in the following list:

  • Employee Portal

    • Configuration file: selfservice-registrationEmployee.json

    • URL: https://localhost:8443/openidm/selfservice/registrationEmployee

    • verificationLink: https://localhost:8443/#/registrationEmployee

  • Contractor Portal

    • Configuration file: selfservice-registrationContractor.json

    • URL: https://localhost:8443/openidm/selfservice/registrationContractor

    • verificationLink: https://localhost:8443/#/registrationContractor

Edit the configuration file for each portal.

  1. Modify the verificationLink URL associated with each portal as described.

  2. Edit your access configuration (conf/access.json), by adding an endpoint for each new self-service registration file, after the selfservice/registration section. For example, the following code excerpt would apply to the registrationEmployee and registrationContractor endpoints: 

    {
    "pattern"    : "selfservice/registrationEmployee",
    "roles"      : "*",
    "methods"    : "read,action",
    "actions"    : "submitRequirements"
},
{
    "pattern"    : "selfservice/registrationContractor",
    "roles"      : "*",
    "methods"    : "read,action",
    "actions"    : "submitRequirements"
},

  3. Modify the functionality of each selfservice-registration*.json file as desired. For guidance, see the sections noted in the following table:

    Configuring selfservice-registration*.json Files for Different Portals
    FeatureCode BlockLink
    Social Registration
    "socialRegistrationEnabled" : true,
    		Social Registration
    Properties requested during self-registration
    "registrationProperties" : [
    "userName",
    "givenName",
    "sn",
    "mail"
],
    		"Configure the User Self-Registration Form"
    Terms & Conditions
    {
    "name" : "termsAndConditions"
}
    		"Terms & Conditions"
    Privacy & Consent
    {
    "name" : "consent",
    "consentTranslations" : {
        "en" : "substitute appropriate Privacy & Consent wording",
        "fr" : "substitute appropriate Privacy & Consent wording, in French"
    }
},
    		 
    reCAPTCHA
    {
    "name" : "captcha",
    "recaptchaSiteKey" : "<siteKey>",
    "recaptchaSecretKey" : "<secretKey>",
    "recaptchaUri" : "https://www.google.com/recaptcha/api/siteverify"
}
    		"Configure Google reCAPTCHA"
    Email Validation "Configuring Emails for Self-Service Registration"
    Security Questions
    {
    "name" : "kbaSecurityAnswerDefinitionStage",
    "kbaConfig" : null
},
    		"Configure Security Questions"

    If you leave out the code blocks associated with the feature, you won't see that feature in the self-service registration flow. In that way, you can set up different self-service registration flows for the Employee and Contractor portals.

Once you've configured both portals, you can make REST calls to both URLs:

https://localhost:8443/openidm/selfservice/registrationEmployee
https://localhost:8443/openidm/selfservice/registrationContractor

For more advice on how you can create custom registration flows, see the following public ForgeRock Git repository: Identity Management (End User) - UI.

Note

The changes described in this section require changes to the End User UI source code as described in the noted public Git repository. Pay particular attention to the instructions associated with the Registration.vue file.

Read a different version of :