KBA Definition node
The KBA Definition node collects knowledge-based authentication (KBA) questions and answers.
Use this node when creating or updating a user with KBA enabled. For more information, refer to Security questions.
Compatibility
Product | Compatible? | ||
---|---|---|---|
PingOne Advanced Identity Cloud |
Yes |
||
PingAM (self-managed)
|
Yes |
||
Ping Identity Platform (self-managed) |
Yes |
Configuration
Property | Usage |
---|---|
Purpose Message |
A localized message describing the purpose of the data requested from the user. Default: none |
Allow User-Defined Questions |
When enabled, users can create their own KBA questions. Disable this setting to restrict users to select from predefined questions only. Default: Enabled |
Questions |
Create or modify custom localized questions that the user can choose from when defining security questions. To add a localized security question:
To edit an existing security question, click the edit icon , make your changes, and click Save. Default: |
Errors
This node logs a Failed to retrieve kba configuration
warning message when it can’t read the configuration.
Example
The following registration journey prompts for questions and answers when creating an account:
-
The Page node collects registration information:
-
The Platform Username node prompts for and collects a username for the new account.
-
The Attribute Collector node prompts for a given name, a surname, an email address, and profile preferences.
-
The Platform Password node prompts for and collects a password.
-
The KBA Definition node collects questions and answers.
-
The Accept Terms and Conditions node prompts the user to accept the active terms and conditions.
-
-
The Create Object node stores the collected information in the new account object.
-
The Increment Login Count node updates the number of successful authentications.