How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I configure which pages are displayed upon successful and failed logins in AM (All versions)?

Last updated May 10, 2022

The purpose of this article is to provide information on configuring which pages are displayed upon successful and failed logins in AM. If you have added a RelayState parameter or a goto parameter to the login URL, these parameters (RelayState takes precedence over goto) are used in preference to the settings described in this article.


1 reader recommends this article

Configuring pages to display for successful logins (global)

You can configure pages to display for successful logins using either the console or ssoadm:

  • Console: navigate to: Configure > Authentication > Core Attributes > Post Authentication Processing > Default Success Login URL and add the required URLs.
  • ssoadm:
    1. Create a data file (called DATA_FILE to match the next command) with the following contents: iplanet-am-auth-login-success-url=[URL1] iplanet-am-auth-login-success-url=[URL2] ...replacing [URLn] with your required URLs.
    2. Enter the following command: $ ./ssoadm set-attr-defs -s iPlanetAMAuthService -t organization -u [adminID] -f [passwordfile] -D DATA_FILEreplacing [adminID] and [passwordfile] with appropriate values.
Note

You must restart the web application container in which AM runs to apply these configuration changes. 

Configuring pages to display for successful logins (realm)

You can configure pages to display for successful logins to a realm using either the console or ssoadm:

Note

Realm level successful URLs take precedence over the global level successful URLs if both are specified and the user logs into the realm.

  • Console: navigate to: Realms > [Realm Name] > Authentication > Settings > Post Authentication Processing > Default Success Login URL and add the required URLs.
  • ssoadm:
    1. Create a data file (called DATA_FILE to match the next command) with the following contents: iplanet-am-auth-login-success-url=[URL1] iplanet-am-auth-login-success-url=[URL2] ...replacing [URLn] with your required URLs.
    2. Enter the following command: $ ./ssoadm set-svc-attrs -s iPlanetAMAuthService -e [realmname] -u [adminID] -f [passwordfile] -D DATA_FILEreplacing [realmname], [adminID] and [passwordfile] with appropriate values.
Note

You must restart the web application container in which AM runs to apply these configuration changes. 

Configuring pages to display for failed logins (global)

You can configure pages to display for failed logins using either the console or ssoadm:

  • Console: navigate to: Configure > Authentication > Core Attributes > Post Authentication Processing > Default Failure Login URL and add the required URLs.
  • ssoadm:
    1. Create a data file (called DATA_FILE to match the next command) with the following contents: iplanet-am-auth-login-failure-url=[URL1] iplanet-am-auth-login-failure-url=[URL2] ...replacing [URLn] with your required URLs.
    2. Enter the following command: $ ./ssoadm set-attr-defs -s iPlanetAMAuthService -t organization -u [adminID] -f [passwordfile] -D DATA_FILEreplacing [adminID] and [passwordfile] with appropriate values.
Note

You must restart the web application container in which AM runs to apply these configuration changes. 

Configuring pages to display for failed logins (realm)

You can configure pages to display for failed logins to a realm using either the console or ssoadm:

Note

Realm level failed URLs take precedence over the global level failed URLs if both are specified and the user attempts to log into the realm.

  • Console: navigate to: Realms > [Realm Name] > Authentication > Settings > Post Authentication Processing > Default Failure Login URL and add the required URLs.
  • ssoadm:
    1. Create a data file (called DATA_FILE to match the next command) with the following contents: iplanet-am-auth-login-failure-url=[URL1] iplanet-am-auth-login-failure-url=[URL2] ...replacing [URLn] with your required URLs.
    2. Enter the following command: $ ./ssoadm set-svc-attrs -s iPlanetAMAuthService -e [realmname] -u [adminID] -f [passwordfile] -D DATA_FILEreplacing [realmname], [adminID] and [passwordfile] with appropriate values.
Note

You must restart the web application container in which AM runs to apply these configuration changes. 

See Also

How do I configure a list of valid goto URL resources in AM 5.x, 6.0.0.x, 6.5.0.x, 6.5.1 and 6.5.2.x?

How do I redirect to a specific page after a successful IdP or SP initiated login in AM (All versions)?

Core Authentication Attributes

Configuring Success and Failure Redirection URLs 

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.