Passthrough Authentication node

Authenticates an identity through a connector to a third-party service.

This lets you migrate user profiles without forcing users to reset their passwords, or retain a third-party service indefinitely as the canonical store for authentication credentials.

This functionality requires that you configure AM as part of a ForgeRock Identity Platform deployment.

Before you use the node:

Configure the connector to the third-party service.

For details, refer to Connectors in the IDM documentation.
If you plan to collect credentials in the identity repository for users, synchronize accounts from the third-party service.

For details, refer to Synchronization in the IDM documentation.

Use this node after collecting the authentication credentials. For example, use the Username Collector node and the Password Collector node to collect the username and password.

Pass the credentials to this node to authenticate the identity against the service.

Outcomes

Authenticated
Missing Input
Failed

Properties

Property Usage

Property	Usage
System Endpoint	Required. Name of the connector to the third-party service that performs authentication.
Object Type	The OpenICF object type for the object being authenticated. Default: `account`
Identity Attribute	The username attribute for authentication. Default: `userName`
Password Attribute	The password attribute for authentication. Default: `password`

System Endpoint

Required. Name of the connector to the third-party service that performs authentication.

Object Type

The OpenICF object type for the object being authenticated.

Default: account

Identity Attribute

The username attribute for authentication.

Default: userName

Password Attribute

The password attribute for authentication.

Default: password

AM 7.3.1

Passthrough Authentication node

Outcomes

Properties