AM 7.3.2

Email Suspend node

Generates and sends mail to a user, such as an address verification email, based on an email template in IDM. Authentication pauses until the user clicks a link in the email to resume the flow.

This functionality requires that you configure AM as part of a ForgeRock Identity Platform deployment.

This node generates the link and passes it to IDM as the resumeURI property of the email object. It uses the email service configured in IDM to send email. If there is no need to pause authentication and wait for a response from email, use the Email Template node instead.

Properties

Property Usage

Email Template Name

The name of the IDM email template. Check IDM for the names of available email templates, or to create a new template.

Email Attribute

The IDM attribute storing the address to send the email to.

Email Suspend Message

The localized message to return once AM suspends authentication. The default message is, "An email has been sent to your inbox."

Object Lookup

Determines whether to look up the object in IDM. If enabled, AM queries IDM for an existing object; otherwise, the node uses the object in the shared node state.

For example, if the flow suspends user registration before creating the user object, disable this option. If registration has created the new user object while authentication was suspended, enable this option.

Identity Attribute

The attribute used to identify the object in IDM.

Example

The following is an example of a forgotten password flow. The user enters information that the Identify Existing User node uses to try to identify them. Next, AM uses the Email Suspend node to send mail to the user and suspend authentication. Once authentication resumes, AM sends the user to a different flow to reset their password:

Use the Email Suspend node when resetting a forgotten password.