Failure node
The Failure node is a required element indicating the journey ended in failure.
Compatibility
Product | Compatible? |
---|---|
ForgeRock Identity Cloud |
|
ForgeRock Access Management (self-managed) |
|
ForgeRock Identity Platform (self-managed) |
Errors
The error depends on the Authentication > Settings > Account Lockout > Login Failure Lockout Mode setting for the realm in the AM admin UI.
Without the setting enabled, by default, the node returns an error with a message such as the following:
{"code":401,"reason":"Unauthorized","message":"Login failure"}
With the setting enabled, the node checks the invalid attempts property of the user profile and does the following:
-
Returns a warning message if the number of failed attempts is equal to or greater than the Authentication > Settings > Account Lockout > Warn User After N Failures setting:
{ "code": 401, "reason": "Unauthorized", "message": "Warning: You will be locked out after 1 more failure(s).", "detail": { "failureUrl": "" } }
-
Increments the failure count in the user profile.
-
Returns an error message if the account is
Inactive
:{ "code": 401, "reason": "Unauthorized", "message": "User Locked Out.", "detail": { "failureUrl": "" } }
To troubleshoot an authentication failure, review the steps in the journey to find what caused the failure.