Use PingFederate's self-service user name recovery feature to enable users to recover their lost user names through their email addresses.
PingFederate offers self-service user name recovery for users to recover their accounts through email if they forget their user names.
This optional capability is integrated into the HTML Form Adapter and the LDAP
Username Password Credential Validator (PCV). PingFederate supports PingDirectory,
Microsoft Active Directory, Oracle Unified Directory, and Oracle Directory Server
out-of-the-box. Custom PCV implementations can also be developed to offer the same
capability for users stored in non-LDAP data sources. For more information,see the
RecoverableUsername interface in Javadoc.
The Javadoc for PingFederate is located in the <pf_install>/pingfederate/sdk/doc directory.
Go to IdP Adapters window, create a new HTML
Form Adapter instance.
You can also reuse an existing HTML Form Adapter instance. If you do, skip to step 1c to configure your adapter instance to enable the self-service user name recovery capability.
- Select the HTML Form Adapter instance as the credential validator.
- Optional: Update any default values or options.
- Select the Enable Username Recovery check box.
Select a notification publisher instance from the list.
If you have not yet configured the desired notification publisher instance, click Manage Notification Publishers.
Click Show Advanced Fields to review or modify default
values related to self-service user name recovery.
Select the Require Verified Email check box if you want PingFederate to only send user name recovery email messages to users who have proven ownership of their email addresses.
- Optional: Customize and localize the on-window messages and notification messages.
You successfully created a new instance or modified an existing instance of the HTML Form Adapter with the self-service user name recovery capability.
When a user signs on through this adapter instance, the user has the option to recover the user name using the Trouble Signing On link.
You can also provide your users the per-adapter Account Recovery endpoint /ext/pwdreset/Identify, which allows them to recover their user name through this HTML Form Adapter instance without submitting single sign-on (SSO) requests.