Certificate User Extractor node
Extracts a value from the certificate collected by the Certificate Collector node, and searches for it in the identity store. The goal is to match the certificate with a user in the identity store.
The extracted value is stored in the username
key in the shared node state.
Compatibility
Product | Compatible? |
---|---|
ForgeRock Identity Cloud |
|
ForgeRock Access Management (self-managed) |
|
ForgeRock Identity Platform (self-managed) |
Outcomes
-
Extracted
-
Not Extracted
Evaluation continues through the Extracted
path if AM finds a match for the certificate in the identity store;
otherwise, evaluation continues on the Not Extracted
path.
Properties
Property | Usage |
---|---|
Certificate Field Used to Access User Profile |
Specifies the field in the certificate that AM uses to search for the user in the identity store. Possible values are:
If you select Select Default: |
Other Certificate Field Used to Access User Profile |
Specifies a custom certificate field to use as the base of the user search. |
SubjectAltNameExt Value Type to Access User Profile |
Specifies how to look up the user profile:
Default: |