Zero Page Login Collector node
The Zero Page Login Collector node verifies the presence of specific HTTP username and password headers in the incoming authentication request. If the headers exist, the node uses their corresponding values as the provided username and password.
The Zero Page Login Collector node is commonly used to:
-
Connect the
Has Credentials
outcome connector to the input of a Data Store Decision node. -
Connect the
No Credentials
outcome connector to the input of a Username Collector node followed by a Password Collector node (standalone AM) or a Platform Username node followed by a Platform Password node (ForgeRock Identity Platform deployment), and then into the same Data Store Decision node. For an example of this layout, refer to the defaultExample
authentication tree provided in AM.
The password collected by this node remains in the node state only until the journey reaches the next node that requires user interaction.
Compatibility
Product | Compatible? |
---|---|
ForgeRock Identity Cloud |
|
ForgeRock Access Management (self-managed) |
|
ForgeRock Identity Platform (self-managed) |
Compatibility
Product | Compatible? |
---|---|
ForgeRock Identity Cloud |
|
ForgeRock Access Management (self-managed) |
|
ForgeRock Identity Platform (self-managed) |
Inputs
-
HTTP username header
-
HTTP password header
-
An allowlist of referrers if
Allow Without Referer
property is disabled. When you set theAllow Without Referer
property tofalse
, the request must contain a referrer from the allowlist; otherwise, the journey ends in a failure.
Configuration
Properties
Property | Usage | ||
---|---|---|---|
Username Header name |
Enter the name of the header that contains the username value. Default: X-OpenAM-Username |
||
Password Header name |
Enter the name of the header that contains the password value. Default: X-OpenAM-Password |
||
Allow without referer |
If enabled, the node accepts incoming requests that do not contain a If disabled, a Default: |
||
Referer Whitelist |
Specify a list of URLs allowed in the
|
Outcomes
-
Has Credentials
-
No Credentials
Evaluation continues along the Has Credentials
outcome path
if the specified headers are available in the request,
or the No Credentials
path if the specified headers are not present.
Errors
- If more than one header value exists for username and/or password, the node returns the following error message
-
"Expecting only one header value for username and/or password but size is {}."
- If the node can’t decode the header values, the node returns the following error message
-
"Could not decode username or password header."