--- title: Healthcare - Registration with Threat Detection and ID Verification - Main Flow description: Learn about the Healthcare - Registration with Threat Detection and ID Verification - Main Flow flow, including its purpose, structure, inputs, outputs, and variables. component: pingone-solutions page_id: pingone-solutions:healthcare:flow-reference/healthcare-registration-with-threat-detection-and-id-verification-main-flow canonical_url: https://docs.pingidentity.com/pingone-solutions/healthcare/flow-reference/healthcare-registration-with-threat-detection-and-id-verification-main-flow.html revdate: September 1, 2025 section_ids: purpose: Purpose structure: Structure input-schema: Input schema output-schema: Output schema variables-and-parameters: Variables and parameters --- # Healthcare - Registration with Threat Detection and ID Verification - Main Flow The **Healthcare - Registration with Threat Detection and ID Verification - Main Flow** serves as the primary flow, letting users register an account after performing threat detection and ID verification. ## Purpose The **Healthcare - Registration with Threat Detection and ID Verification - Main Flow** presents users with options to register an account. It uses the **Healthcare - Account Registration - Subflow** to register the user if the user opts to create an account. If the user selects social login, it uses the **Healthcare - Agreement (ToS) - Subflow** to verify that the user has agreed to the terms of service and the **Healthcare - Verify Email - Subflow** if the user needs to verify their email address. ## Structure This flow is divided into sections using teleport nodes: * **Flow Configuration** Uses multiple function nodes to save the variable and parameter values so that the correct values are available in the flow and in subflows. The flow then progresses to the **Sign Up Page & Call Account Registration Sub-Flow** section. * **Sign Up Page & Call Account Registration Sub-Flow** Presents the user with a passwordless sign-up page, then branches based on the user's selection: * If the user clicked **Register**, the **Healthcare - Account Registration - Subflow** is invoked. If the subflow completed successfully, a function node checks if the user logged in using social IdP: * If the user used social IdP, a hidden HTML node enables css files disabled during social login, and the flow progresses to the **Call Check Agreement and Email verification Sub-Flow** section. * If the user did not use social IdP, a PingOne node sends an email notifying the user of the account creation, and the flow progresses to the **Return Success** section. * If the user selected a social IdP option, a hidden HTML node enables css files disabled during social login, and the flow progresses to the **Call Check Agreement and Email verification Sub-Flow** section. * **Call Check Agreement and Email verification Sub-Flow** Invokes the **Healthcare - Agreement (ToS) - Subflow**. When the subflow completes, uses a PingOne node to look up the user. If email verification is required, invokes the **Healthcare - Verify Email - Subflow** subflow. The flow then progresses to the **Handle Remember Me if Applicable** section. * **Handle Remember Me if Applicable** Uses a function node to check if the remember me option is checked. If so, a function node adds `rememberMe` to the authentication methods. The flow then progresses to the **Return Success** section. * **Return Success** Displays a success message, then branches based on the invocation method: * If the flow was invoked with the widget, uses a PingOne node to find the user, then sends a success JSON response, indicating that the flow completed successfully. * If the flow was not invoked with the widget, sends a success JSON response, indicating that the flow completed successfully. Simultaneously, uses a function node to check if the risk evaluation ID is present, and uses a PingOne Protect node to update the user's risk evaluation if a risk evaluation ID is present. * **Return Error** Uses a function node to enrich the error details, displays an error message, then sends an error JSON response indicating that the flow completed unsuccessfully. Simultaneously, uses a function node to check if the risk evaluation ID is present, and uses a PingOne Protect node to update the user's risk evaluation if a risk evaluation ID is present. ## Input schema This flow has the following inputs: | Input name | Required | Description | | ---------------- | -------- | --------------------------------------------------------------------- | | `flowParameters` | No | An object containing any parameters passed in by the flow invocation. | ## Output schema This flow has the following outputs: | Output name | Description | | ---------------- | ------------------------------- | | `p1UserId` | The user's PingOne user ID. | | `p1Username` | The user's PingOne user name. | | `successMessage` | The success message to display. | | `errorMessage` | The error message to display. | ## Variables and parameters This flow uses the following variable or parameter values: | Variable name | Description | | ---------------------------------- | -------------------------------------------------------------------------------------------------------------- | | `flowCompanyLogo` | The URL for your company logo. | | `p1MFAPolicyId` | The ID of the PingOne MFA policy to use in the flow. | | `p1AgreementId` | The ID of the agreement to present to users. | | `p1RiskPolicyIdAuthn` | The PingOne risk policy ID to use for authentication. | | `p1RiskPolicyIdAR` | The PingOne risk policy ID to use for account recovery. | | `p1RiskPolicyIdReg` | The PingOne risk policy ID to use for registration. | | `protectRiskEvalId` | The risk ID of the current user as used by PingOne Protect. | | `authmethod` | The authentication method used by the user. | | `p1VerifyPolicyIdReg` | The PingOne Verify policy ID to use for registration. | | `digitalWalletApplicationId` | The ID of the digital wallet to use. | | `verifiedIdentityCredentialTypeId` | The credential type ID for the user. | | `credentialType` | The credential type used by the user. | | `ciam_appleEnabled` | Indicates whether authentication through Apple is enabled in your environment. | | `ciam_facebookEnabled` | Indicates whether authentication through Facebook is enabled in your environment. | | `ciam_googleEnabled` | Indicates whether authentication through Google is enabled in your environment. | | `flowProtectAnalysisRequired` | Indicates whether a PingOne Protect analysis must be performed for all users. | | `ciam_magicLinkEnabled` | Indicates whether magic link authentication is enabled. | | `ciam_agreementEnabled` | Indicates whether the agreement is required. | | `ciam_protectAnalysisRequired` | Indicates whether PingOne Protect analysis is required. | | `ciam_logoUrl` | The URL for your company logo.This value is used only when the flow is launched with a redirect. | | `ciam_companyName` | Displays the name of your company.This value is used only when the flow is launched with a redirect. | | `ciam_logoStyle` | The HTML style to use for your company logo.This value is used only when the flow is launched with a redirect. | | `flowMethod` | The method used to launch the flow. |