ForgeRock Identity Platform 7.4

Username recovery

Username recovery lets the user recover their username, using other information they remember, such as their email address. The ForgeRock Identity Platform includes a sample Forgotten Username journey that is used for this purpose. It collects a user’s email address, then uses that to search for a user with that address. It then emails the user the username associated with that email address. An alternative journey is to send a verification link, then use the Display Username node once the user returns from the email.

When reviewing the sample journey, notice that both Identify Existing User node outputs connect to the Email Suspend node.

This is recommended behavior for security reasons. If you return different outcomes, you can potentially expose which users have accounts in your system.

Sample forgotten username journey

Example forgotten username REST output

When calling a username recovery self-service endpoint, you will receive a JSON object back, containing callbacks for each of the nodes included in the username recovery journey.

Sample JSON callbacks
{
  "authId": "<omitted for length>",
  "callbacks": [
    {
      "type": "StringAttributeInputCallback",
      "output": [
        {
          "name": "name",
          "value": "mail"
        },
        {
          "name": "prompt",
          "value": "Email Address"
        },
        {
          "name": "required",
          "value": true
        },
        {
          "name": "policies",
          "value": {}
        },
        {
          "name": "failedPolicies",
          "value": []
        },
        {
          "name": "validateOnly",
          "value": false
        },
        {
          "name": "value",
          "value": ""
        }
      ],
      "input": [
        {
          "name": "IDToken1",
          "value": ""
        },
        {
          "name": "IDToken1validateOnly",
          "value": false
        }
      ],
      "_id": 0
    }
  ],
  "header": "Forgotten Username",
  "description": "Enter your email address or <a href=\"#/service/Login\">Sign in</a>"
}
Copyright © 2010-2024 ForgeRock, all rights reserved.