ForgeRock SDKs

Create the authentication tree

The following content applies to all SDKs.

Authentication trees (journeys) provide fine-grained authentication by allowing multiple paths and decision points throughout the authentication flow. Authentication trees are made up of nodes that define actions taken during authentication.

Nodes are granular. Each node performs a single task, such as collecting a username or making a simple decision. Nodes can have multiple outcomes rather than just success or failure. For details, see the Authentication nodes configuration reference in the AM documentation.

  1. Under Realm Overview, click Authentication Trees, then click Create Tree.

  2. Enter a tree name; for example sdkAuthenticationTree, and click Create.

    The authentication tree designer appears, showing the Start entry point connected to the Failure exit point.

  3. Drag the following nodes from the Components panel on the left side into the designer area:

    • Page Node

    • Username Collector

    • Password Collector

    • Data Store Decision

  4. Drag and drop the Username Collector and Password Collector nodes onto the Page Node, so that they both appear on the same page when logging in.

  5. Connect the nodes as follows:

    Example user authentication tree
  6. Select the Page Node, and in the Properties pane, set the Stage property to UsernamePassword.

    You can configure the node properties by selecting a node, and altering properties in the right-hand panel.

    One of the samples uses this specific value to determine the custom UI to display.

  7. Click Save.

Copyright © 2010-2022 ForgeRock, all rights reserved.