IDM 7.5.0

Multiple user self-registration flows

You can set up multiple self-registration flows, with features limited only by the capabilities listed in Self-registration.

Multiple self-registration flows, and customization of the End User UI beyond what is described in this document (and the noted public Git repository), are not supported.

For additional information on customizing the End User UI, refer to the following ForgeRock Git repository: ForgeRock/end-user-ui: Identity Management (End User).

For example, you may want to set up different portals for regular employees and contractors. You’d configure each portal with different self-registration flows, managed by the same IDM backend. Each portal would use the appropriate registration API.

To prepare for this section, you’ll need a selfservice-registration.json file. You can find a copy in the following directory: /path/to/openidm/samples/example-configurations/self-service.

To avoid errors when using this file, you should either:

  • Copy the following files from the same directory:

    selfservice.terms.json
    selfservice-termsAndConditions.json

  • Delete the termsAndConditions code block from the respective selfservice-registration*.json files.

User self-registration is normally coded in the selfservice-registration.json file. In preparation, copy this file to the selfservice-registration*.json to the names shown in the following list:

Edit the configuration file for each portal.

  1. Modify the verificationLink URL associated with each portal as described.

  2. Edit your access configuration (conf/access.json ), by adding an endpoint for each new self-service registration file, after the selfservice/registration section. For example, the following code excerpt would apply to the registrationEmployee and registrationContractor endpoints:

    {
        "pattern"    : "selfservice/registrationEmployee",
        "roles"      : "*",
        "methods"    : "read,action",
        "actions"    : "submitRequirements"
    },
    {
        "pattern"    : "selfservice/registrationContractor",
        "roles"      : "*",
        "methods"    : "read,action",
        "actions"    : "submitRequirements"
    },
  3. Modify the functionality of each selfservice-registration*.json file as desired. For guidance, refer to the sections noted in the following table:

    Configuring selfservice-registration*.jsonFiles for Different Portals
    Feature Code Block Link

    Social Registration

    "socialRegistrationEnabled" : true,

    Properties requested during self-registration

    "registrationProperties" : [
        "userName",
        "givenName",
        "sn",
        "mail"
    ],

    Terms & Conditions

    {
        "name" : "termsAndConditions"
    }

    Privacy & Consent

    {
        "name" : "consent",
        "consentTranslations" : {
            "en" : "substitute appropriate Privacy & Consent wording",
            "fr" : "substitute appropriate Privacy & Consent wording, in French"
        }
    },

    reCAPTCHA

    {
        "name" : "captcha",
        "recaptchaSiteKey" : "<siteKey>",
        "recaptchaSecretKey" : "<secretKey>",
        "recaptchaUri" : "https://www.google.com/recaptcha/api/siteverify"
    }

    Email Validation

    Security Questions

    {
        "name" : "kbaSecurityAnswerDefinitionStage",
        "kbaConfig" : null
    },

    If you leave out the code blocks associated with the feature, you won’t refer to that feature in the self-service registration flow. In that way, you can set up different self-service registration flows for the Employee and Contractor portals.

For more advice on how you can create custom registration flows, refer to the following public ForgeRock Git repository: Identity Management (End User) - UI.

The changes described in this section require changes to the End User UI source code as described in the noted public Git repository. Pay particular attention to the instructions associated with the Registration.vue file.