Healthcare - Account Registration - Subflow
The Healthcare - Account Registration - Subflow lets users register a new account.
Purpose
The Healthcare - Account Registration - Subflow presents users with the ability to create a new account. Depending on your environment’s properties, the flow can let a user create a password, add email as a multi-factor authentication (MFA) device, and view and consent to an agreement.
Structure
This flow is divided into sections using teleport nodes:
- Fetch User Details for Registration
-
Uses function nodes to set flow instance variables and check whether agreement is enabled. If agreement is enabled, a PingOne node reads the agreement content. The flow then presents users with an HTML form on which to enter their email address.
If the user clicks Register, the flow progresses to the PingOne Protect Threat Detection And Mitigation. When this section completes, the flow progresses to the Validate Govt ID & Create account section.
If an option other than Register is selected, the flow progresses to the Return Success section.
- PingOne Protect Threat Detection And Mitigation
-
If PingOne Protect analysis is required, uses a PingOne node to look up the user, then invokes the Healthcare - Threat Detection - Subflow subflow.
If the Healthcare - Threat Detection - Subflow subflow completes successfully, the PingOne Protect values are saved as variables.
A function node then examines the risk score:
-
If the risk score is low, medium, or high, the flow returns to the Fetch User Details for Registration section.
-
If the risk score cannot be found, the flow progresses to the Return error section.
If the Healthcare - Threat Detection - Subflow subflow does not complete successfully, an error message is displayed.
-
- Validate Govt ID & Create account
-
Uses a PingOne node to look up the user, then uses a function node to verify that the user has accepted the agreement. The flow then progresses to the PingOne Neo: Govt Id Verification Using P1 Verify, Credentials Issuance To Wallet Using P1 Credentials & Creation of Account section. When this section completes, a function node verifies that the user’s government ID has been verified, then a PingOne node enables the user. The flow then progresses to the Accept Agreement and Verify Email section.
- Accept Agreement and Verify Email
-
Uses a function node to check whether an agreement is enabled. If an agreement is enabled, a PingOne node updates the user’s information to include their consent to the agreement. A function node then checks if email verification is required, and if it is required, the flow then invokes the Healthcare - Verify Email - Subflow flow. The flow then progresses to the Auto enroll email as a MFA device section.
- Auto enroll email as a MFA device
-
Uses a PingOne node to read the available devices. A function node checks if email is already an MFA device, and if it is not, a PingOne node enrolls email as a device. A PingOne node then enables MFA for the user, and the flow progresses to the Return Success section.
- PingOne Neo: Govt Id Verification Using P1 Verify, Credentials Issuance To Wallet Using P1 Credentials & Creation of Account
-
Invokes the Healthcare - Identity Verification and Managed Credential Issuance with Biometric Binding - Subflow subflow. A function node then examines the subflow status:
-
If the subflow completed successfully, a function node saves the variables from the subflow, then the flow returns to the Validate Govt ID & Create account section.
-
If the user canceled the subflow, the flow returns to the Fetch user details for registration section.
-
- Return Success
-
Uses a PingOne node to update the risk evaluation if the risk evaluation ID is available and sends a success JSON response indicating that the flow completed successfully.
- Return Error
-
Uses a PingOne node to update the risk evaluation if the risk evaluation ID is available and sends an error JSON response indicating that the flow completed unsuccessfully.
Input schema
This flow has the following inputs.
| Input name | Required | Description |
|---|---|---|
|
No |
The user’s email address. |
|
No |
Indicates whether agreement is enabled for user registration. |
|
No |
The ID of the agreement to present to users. |
|
No |
A Boolean indicating whether registration through third-party authentication is enabled. |
|
No |
A Boolean indicating whether authentication through Google is enabled in your environment. |
|
No |
A Boolean indicating whether authentication through Facebook is enabled in your environment. |
|
No |
A Boolean indicating whether authentication through Apple is enabled in your environment. |
|
No |
The company logo. Used only when the main flow was launched using a redirect. |
|
No |
Indicates whether PingOne Protect analysis is required. |
|
No |
The PingOne Protect risk policy ID to use. If not specified, the default policy is used. |
|
No |
The PingOne Verify policy ID to use. |
|
No |
The ID of the digital wallet application. |
|
No |
The ID of the credential type to be used. |
|
Yes |
The number of times a user can attempt verification. |
|
Yes |
The number of times a user can resend a one-time passcode (OTP). |
|
No |
The number of times a user can attempt government ID verification. |
Output schema
This flow has the following outputs.
| Output name | Description |
|---|---|
|
The result status of the flow. |
|
The user ID of the current user. |
|
The authentication method chosen by the user. |
|
The email address associated with the new account. |
|
The user’s first name. |
|
A Boolean that indicates whether the user signed on using social identity provider (IdP). |
|
The error message text to display, if any. |
|
The details of the error that occurred in this flow. |
Variables and parameters
This flow uses the following variable or parameter values.
| Variable name | Parameter name | Description |
|---|---|---|
|
None |
The user’s cached email address. |
|
None |
The error message text to display, if any. |
|
None |
The risk evaluation ID returned by PingOne Protect. |