Authentication nodes

Set Success Details node

The Set Success Details node adds additional details to the JSON response on successful authentication. You can add details to the response body and set custom response headers.

Response body

You can add either or both of the following to the JSON response:

  • Success details: Lets you add static key:value fields to the JSON response.

  • Session properties: Lets you add key:value fields to the JSON response, where value corresponds to the value of the specified session property.

    This lets you retrieve session properties in the journey without needing additional post-authentication processing.

You can’t override the default tokenId, successUrl, and realm fields returned in the JSON response.

Response headers RAPID only

You can set custom headers to include in the JSON response.

You can’t modify the protected HTTP headers, nor can you modify the session cookie or load balancer cookie using the Set-Cookie header.

Protected HTTP headers

  • X-Frame-Options

  • X-Content-Type-Options

  • Cache-Control

  • Content-API-Version

  • Expires

  • Pragma

  • Content-Type

  • Content-Length

  • Date

  • Keep-Alive

  • Connection

  • Transfer-Encoding

  • Server

  • Trailer

  • Upgrade

Examples

Example 1: Add static content and session properties

This example uses the Set Success Details node to add the following additional details to the JSON response:

  • A static authMethod:password field.

  • A universalId session property, which returns the corresponding value from the session when the user authenticates.

Journey with a Set Success Details node

  • The Page node containing the Platform Username node and Platform Password node prompts for credentials.

  • The Data Store Decision node validates the username-password credentials.

  • The Increment Login Count node updates the number of successful authentications in the user profile.

  • The Set Success Details node adds the additional configured details to the JSON response upon successful authentication. This example uses the following configuration:

    Success Details

    Key: authMethod

    Value: password

    Session Properties

    Key: universalId

    Value: sun.am.UniversalIdentifier

When the user authenticates successfully using this journey, the JSON response includes the additional details you configured. For example:

{
    "tokenId": "AQIC5wM…​TU3OQ*",
    "successUrl": "/enduser/?realm=/alpha",
    "realm": "/alpha",
    "universalId": "id=bjensen,ou=user,o=alpha,ou=services,ou=am-config",
    "authMethod": "password"
}

Example 2: Add dynamic content

This example uses the Configuration Provider node to imitate the Set Success Details node. Using the Configuration Provider node lets you add dynamic content to the JSON response, such as an API response, in addition to static content and session properties.

Journey with a Configuration Provider node imitating the Set Success Details node

Find more information in Example 2: Imitate the Set Success Details node.

Example 3: Set custom response headers

RAPID only

This example uses the Set Success Details node to set a Custom-Auth response header on successful authentication. This header could be read by a legacy API gateway or reverse proxy that uses Advanced Identity Cloud to handle the authentication logic.

Journey with a Set Success Details node

Follow these steps to try the example:

  1. Create the example journey using the journey editor.

  2. Authenticate a test user with the journey. Make sure you include the --show-headers option (or --include in older curl versions) to return the response headers:

    $ curl --show-headers \
--request POST \
--header 'X-OpenAM-Username: bjensen' \
--header 'X-OpenAM-Password: Ch4ng3it!' \
--header "Accept-API-Version: resource=2.1, protocol=1.0" \
"https://tenant-env-fqdn/am/json/realms/root/realms/alpha/authenticate?authIndexType=service&authIndexValue=myJourney"

HTTP/1.1 200
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
...
Custom-Auth: username-password
...

{
    "tokenId": "AQIC5wM…​TU3OQ*",
    "successUrl": "/enduser/?realm=/alpha",
    "realm": "/alpha"
}

Availability

Product Available?

PingOne Advanced Identity Cloud

Yes

PingAM (self-managed)

Yes

Ping Identity Platform (self-managed)

Yes

Inputs

None. This node doesn’t read shared state data.

Dependencies

Make sure the user can successfully authenticate and get a session.

If this node is added to a no session journey or the noSession query parameter is used during authentication, the journey will fail.

Configuration

Property Usage

Success Details

The success details to add:

  • To add a static field:

    1. Click Add in the Success Details modal.

    2. Enter the field name to display in the Key field and the corresponding value to display in the Value field.

      The value can be a simple text string, a boolean value, or a JSON formatted value. The value is formatted appropriately when output in the JSON response.

      For example:

      Key Value Output

      example

      this is a test value

      		 
      "example": "this is a test value"

      boolean

      true

      		 
      "boolean": true

      field

      { "nested": "nested value" }

      		 
      "field": {
   "nested": "nested value"
}

    3. Click Done.

  • To edit a field:

    1. Click the Pencil icon ().

    2. Update the Key and Value as when adding fields.

  • To remove a field, click the Delete icon ().

When finished, click Save to keep your settings.

Session Properties

The session properties to add.

Session property details are only added to the JSON response if the session property exists in Advanced Identity Cloud and it’s available in the authenticated session.

You can find a list of the default session properties in Configure webhooks.

  • To add a session property:

    1. Click Add in the Session Properties modal.

    2. Enter the field name to display in the Key field and the session property name in the Value field.

    3. Click Done.

  • To edit a property:

    1. Click the Pencil icon ().

    2. Update the Key and Value as when adding properties.

  • To remove a property, click the Delete icon ().

When finished, click Save to keep your settings.

Response Headers RAPID only

The response headers to set.

  • To add a response header:

    1. Click Add in the Response Headers modal.

    2. Enter the HTTP header name to display in the Key field and the corresponding value to display in the Value field.

    3. Click Done.

  • To edit a response header:

    1. Click the Pencil icon ().

    2. Update the Key and Value as when adding headers.

  • To remove a response header, click the Delete icon ().

When finished, click Save to keep your settings.

Outputs

This node doesn’t change the shared state.

Callbacks

This node doesn’t send any callbacks.

Outcomes

Single outcome path: when the journey completes successfully, this node adds the additional configured details to the JSON response.

Errors

This node doesn’t log any error or warning messages of its own.