PingOne Advanced Identity Cloud

Task 7: Design profile management experiences

Providing self-service profile management capabilities improves the end-user experience and reduces administrative overhead. With Advanced Identity Cloud, you can create self-service experiences that let end users update their personal information, change their passwords, and manage other profile settings.

This task guides you through three key aspects of profile management:

  • Update personal information: End users can update their personal information after signing on.

  • Update password: End users can update their passwords while signed on using an update password journey.

  • Manage profile settings: Tenant administrators can configure profile management settings to tailor the experience for your organization.

The Best practices and next steps section then offers guidance for customizing the experience after you’ve mastered the basics.

Test updating personal information

End users can manage their profile information in the hosted account pages after they’ve signed on.

To test updating personal information:

  1. In an incognito browser window, sign on to the Advanced Identity Cloud as an end user.

  2. Click Profile to display the end user’s profile information.

    End User Profile Page
    You’ll see additional menu items on the left if you have the Identity Governance add-on feature.

  3. Click Edit personal info.

  4. Update the end user’s email, first name, last name and address.

  5. Click Save to save the changes.

    The changes are saved to the end user’s profile, and you’re returned to the profile page.

Test the default update password journey

Advanced Identity Cloud includes a preconfigured default update password journey that lets end users update their passwords while signed on.

To preview the default journey and test it as an end user:

  1. In the Advanced Identity Cloud admin console, go to account_tree Journeys > Journeys and click the UpdatePassword journey.

  2. Click the ellipsis icon () and select Edit to view the journey.

    UpdatePassword journey

    1. a Identifies the signed-on end user from their session

    2. b Verifies that the end-user’s password is present.

    3. c Prompts the end user to enter their existing password.

    4. d Sends an email to the end user with a password reset link, if an existing password isn’t present.

    5. e Validates the username and password match an existing user identity in the identity store.

    6. f Collects the end-user’s new password and validates the new password against password policies.

    7. g Updates the end user’s password in the identity store.

  3. In an incognito browser window, sign on to the Advanced Identity Cloud as an end user.

  4. Click Profile to display the end user’s profile information.

  5. On the Password row, click Reset.

    End User Profile Page with Reset Password link

    The Verify Existing Password page opens. This is the first step in the default UpdatePassword journey.

    Verify Existing Password page

  6. Enter the end user’s existing password and click Next.

    The Update Password page opens.

    Veryfy Existing Password page

  7. Enter a new password.

  8. Click Next.

    The new password is saved with the user’s profile, and you’re returned to the profile page.

Profile management settings

As a tenant administrator, you can configure self-service settings to control which profile fields end users can view and edit in the hosted account pages. This lets you tailor the profile management experience to your organization’s requirements.

Settings include:

  • Enabling or disabling profile management features.

  • Specifying which profile fields are editable by end users.

  • Configuring validation rules for profile fields.

Learn more in Configure visible information and end-user actions.

Best practices and next steps

Consider the following best practices and enhancements when designing your end-uer profile management experiences:

  • Configure which attributes are visible and editable: This gives you granular control over your data. For example, you might want to display an employeeId but make it read-only. Learn more in Configure actions and information for end users.

  • Add custom attributes to the user profile: If your organization needs to store information not included in the default schema (such as a department or location), you can add custom attributes to the user profile. Once added, you can make it available on the profile page. Learn more in Customize user identities.

  • Notify users of critical account changes: This is a critical security measure against account takeover. After a sensitive change is completed (like a password change) use an Email Template Node in your journey to send a notification to the user. For an email address change, this notification should be sent to the old email address to alert the legitimate user of potentially fraudulent activity. Learn more in Email templates.

  • Continuously validate the user experience Regularly review how users interact with profile and recovery flows using usability testing, accessibility checks and behavioural signals (such as drop-off points or repeated recovery attempts). Combine these insights with user feedback to inform and prioritize incremental improvements over time.