AM 7.4.1

Configuration Provider node

The Configuration Provider node is a scripted node that dynamically imitates another node and replaces it in the journey.

The script builds a map of configuration properties matching settings for the imitated node. The Configuration Provider node uses the settings to imitate the other node.

Compatibility

Product Compatible?

ForgeRock Identity Cloud

ForgeRock Access Management (self-managed)

ForgeRock Identity Platform (self-managed)

Inputs

The specific shared state inputs depend on your script and the configuration it builds. The shared state data must include all required Script Inputs properties.

In other words, shared state data must include whatever the Script requires to prepare configuration data for the imitated node.

Dependencies

To prepare to use this node:

  1. Decide what type of node to imitate.

    The imitated node must have a fixed set of outcomes. You can’t use a node type whose outcomes change based on the node configuration.

  2. Create an appropriate Config Provider script.

    Base your script on the config-provider-node.js sample.

  3. Obtain the list of required configuration properties for the imitated node.

    In the Identity Platform admin UI for a ForgeRock Identity Platform deployment:

    1. Create a journey with the imitated node.

    2. Configure the imitated node.

    3. Open your browser’s developer tools panel.

    4. Select the Network tab.

    5. Save the journey and examine the body of the REST request JSON to find the configuration of the imitated node.

    For example, you find a Message node has these configuration properties:

    • message

    • messageYes

    • messageNo

    In AM admin UI for a standalone AM deployment, use the API explorer endpoint /realm-config/authentication/authenticationtrees/nodes/NodeType#_action_template.

    The following request returns the configuration properties for a Message node:

    $ curl \
    --request POST \
    --header "<cookie>: <token>" \
    "https://openam.example.com:8443/openam/json/realm-config/authentication/authenticationtrees/nodes/MessageNode?_action=template"
    {
      "messageYes": {},
      "message": {},
      "messageNo": {}
    }

    Your script builds a config object, a map of configuration properties matching the settings of the imitated node. The following example consumes the username shared state property to build the Message node configuration:

    config = {
        "message": {"en-GB": `Hi ${nodeState.get("username")}. Please confirm you are over 18.`},
        "messageYes": {"en-GB": "Confirm"},
        "messageNo": {"en-GB": "Deny"},
    }

Configuration

Property Usage

Script

Select the script you created for this node.

Node Type

Select the type of node to imitate.

Script Inputs

Optionally limit the shared state data properties in the shared state input to the selected Script.

Default: * (Any available shared state property)

Outputs

The outputs match those of the imitated node.

Outcomes

The Configuration Provider node inherits all the outcomes of its configured Node Type. Connect these as you would the outcomes of the imitated node.

This node also has a Configuration failure outcome. The Configuration failure outcome arises when:

  • The Configuration Provider node failed to build the configuration map.

  • The configuration map is missing required values.

  • The configuration map is invalid.

Errors

In addition to the messages from the imitated node, this node can log the following:

Warnings
  • Failed to collect inputs of contained node: node-type

    A required input property was missing.

  • Failed to get outcome provider for node type.

    The Node Type outcomes were missing.

Errors
  • Failed to configure node: node-type

    This corresponds to the Configuration failure outcome.

To troubleshoot HTTP errors this node causes, refer to the Errors section of the imitated node.

Examples

In the following example, the Configuration Provider node imitates a Message node.

The Configuration Provider settings are the following:

Script

A script to configure a Message node dynamically.

The script accesses the username from shared state data to set the message:

config = {
    "message": {"en-GB": `Hi ${nodeState.get("username")}. Please confirm you are over 18.`},
    "messageYes": {"en-GB": "Confirm"},
    "messageNo": {"en-GB": "Deny"},
}
Node Type

Message Node

Script Inputs

username

The default, *, also works because username is one of the available shared state properties.

The Configuration Provider node is part of a journey where the user enters their username and password before getting the message screen, so their username is in the shared state data. Notice the outcomes of the node include those of the Message node (True, False):

Journey with a [.label]#Configuration Provider# node

When the journey reaches the Configuration Provider node, the script for the node retrieves the username and dynamically configures the node. The Configuration Provider node, imitating a Message node, prompts the user with the message:

A [.label]#Configuration Provider# node imitating a [.label]#Message# node
  • When the user clicks Confirm, the journey continues to the Increment Login Count node.

  • When the user clicks Deny, the journey continues to the Failure node.

  • If the configuration process fails, the node triggers the Configuration failure outcome and the journey continues to the Failure node. In this case, you can find the reason for the failure in the logs.