This is Part 4 of 8 in the series Getting started with ForgeRock Identity Cloud journeys.

Self-registration journey ~15 minutes

In the Customer Identity and Access Management (CIAM) space, the best way to onboard millions of customers into an infrastructure is to give them the option to self-register.

The Registration sample journey in ForgeRock Identity Cloud is useful in creating a self-registration process for the users.

This guide takes you through the Registration journey and shows how it can be modified to include additional capabilities.

Examining the Registration journey

1. In a supported browser, log into your Identity Cloud Admin UI.

2. In the alpha realm, go to Security > Security Questions.

   Note that in the Questions tab, there is one question configured by default.

3. Click the Settings tab to view the Security Questions policy.

   

   gs_security_questions1600×821 122 KB

4. On the left navigation pane, click Terms & Conditions.

5. Click on the default Terms & Conditions defined on the page.

   

   gs_t&c_versions1604×265 51.1 KB

6. Click <- Terms & Conditions to return to the Identity Cloud Admin UI landing page.

7. On the left navigation pane, click Journeys > Registration.

8. Edit the Registration journey by clicking on the preview image.

   

   gs_registration_journey1600×603 107 KB

   At the start of this journey, the nodes in the Page Node prompt end users to provide the information required to create their account such as username, password, profile attributes, the answers to security questions, and acceptance of the Terms and Conditions defined.

9. In the Page Node, click the Attribute Collector node. Notice the parameters under the Attributes to Collect property.

   

   gs_attribute_collector_node474×966 66.9 KB

   This property lists all the attributes a user is expected to provide an answer to during self-registration. Attributes added here are necessary to keep a user’s profile complete upon registration. A common practice is to keep the self-registration process simple with only minimum attributes and have users complete their profile using Progressive Profiling in their subsequent login journeys.

   The journey then uses the Create Object node to create a user profile in the Identity Cloud.

   The journey increments the login count attribute of the new user created and displays the end user dashboard.

Testing the Registration journey

1. In the alpha realm of your Identity Cloud tenant, go to Journeys > Registration.

2. Copy the preview URL of the journey.

3. In a browser different from the Identity Cloud administrator active session, paste and go to the journey preview URL.

   The Page Node with all the collector nodes appears as a registration form.

   

   gs_registration_form1600×819 94.7 KB

4. Complete the form with appropriate responses and click Next.

   A new user created is created and logged into the Identity Cloud end user dashboard.

5. Sign out of the end user dashboard.

6. To view the newly created user account details, go to your Identity Cloud Admin UI > Identities > Manage.

Modifying the Registration journey to add additional capability

To prevent bots from signing up, you can modify the journey by adding an authentication node that prompts the users to pass a CAPTCHA test. This journey makes use of the Google reCAPTCHA service, so for it to work, use an active Google account to perform the following steps.

1. Go to https://google.com/recaptcha.

2. Click V3 Admin Console.

3. Sign in using a Google account, if prompted.

4. Click + at the top right corner of the admin console.

5. Using the following information as reference, register a new site.

   • Label: ForgeRock Identity Cloud
   • reCAPTCHA type: reCAPTCHA v2 (keep the default option beneath it checked)
   • Domains: forgeblocks.com
   • Check Accept the reCAPTCHA Terms of Service
   • Click SUBMIT
   

   gs_captcha_config1256×1078 121 KB

6. Copy and keep the Site Key and Secret Key handy.

   

   gs_captcha_keys1600×697 121 KB

7. In the alpha realm of your Identity Cloud Admin UI, go to Journeys > Registration > … menu and select Duplicate.

   

   gs_duplicate_journey_reg1056×420 54.6 KB

8. Replace the default name of the duplicate journey with the name ‘RegisterMe’ and set the description to “Platform Registration Tree with Google reCAPTCHA”.

   

   gs_duplicate_journey_reg_details1053×1008 99.9 KB

9. Click Save.

10. On the edit page of the newly created ‘RegisterMe’ journey, click and drag the CAPTCHA (Risk) authentication node.

11. Connect the nodes as follows:

    • Start node → CAPTCHA node.
    • CAPTCHA node True outcome → Page Node.
    • CAPTCHA node False outcome → Failure node.
    

    gs_registerme_journey1600×645 122 KB

12. Click on the CAPTCHA node and complete the Site Key and Secret Key in the respective node properties.

    

    gs_captcha_node418×1219 99.6 KB

13. Click Save to save the journey.

Testing the modified Registration journey

1. In a browser different from the Identity Cloud administrator active session, paste and go to the ‘RegisterMe’ journey preview URL.

   The Google reCAPTCHA challenge page is displayed.

   

   gs_captcha_challenge1600×350 21.1 KB

2. Verify the CAPTCHA and click Next.

   The journey proceeds to show the registration page.

3. Complete the journey as appropriate.

Further reading

Other guides in the Getting started with ForgeRock Identity Cloud journeys series:

• Part 1 - Introduction to building journeys
• Part 2 - Multi-Factor Authentication (MFA) journeys
• Part 3 - Twilio MFA journey with SMS or Voice OTP
• Part 5 - Social authentication
• Part 6 - Reset Password journey
• Part 7 - Device Profile journey
• Part 8 - Exporting and importing journeys