Getting started with ForgeRock Identity Cloud journeys: Part 6 - Reset Password journey

Getting Started Guides Journeys
, , , , ,
#1

This is Part 6 of 8 in the series Getting started with ForgeRock Identity Cloud journeys.

Reset Password journey ~ 10 minutes

The Reset Password journey supports a self-service option to let users reset their own passwords.

Configuring a realm user with a valid email address

  1. In a supported browser, log into your Identity Cloud Admin UI.

  2. In the alpha realm, go to Identities > Manage, and choose a user to perform the Reset Password journey. In this example, we are using ‘fruser2’ (created in Part 2 - Multi-Factor Authentication (MFA) journeys).

  3. Set user’s the Email Address attribute to an active email address.

  4. Go to Journeys > ResetPassword and click on the journey image to view/edit the journey.

    gs_password_reset_journey
    gs_password_reset_journey1600×687 101 KB

  5. Click on the Attribute Collector node in the Page Node to view the node properties. Notice the mail attribute in the node properties.

    gs__password_reset_attribute_collector_node
    gs__password_reset_attribute_collector_node315×517 31.2 KB

  6. Click on the Identify Existing User node and notice that the mail attribute is being used as the Identity Attribute to identify an existing Identity Cloud user.

    gs_password_reset_identify_user_node

  7. Click on the Email Suspend Node, which generates and sends an email to the user as per the Email Suspend Message.

    gs_password_reset_email_suspend_node
    gs_password_reset_email_suspend_node322×770 52.3 KB

    On reaching this node, the authentication pauses until the user clicks on the URL received in the email. The URL has the required information to resume the journey from where it was suspended.

  8. Click Save and ← Journeys to go back to the home page.

  9. On the side menu, click on Email to look at both the template and the default Email provider configurations.

    When the user clicks on the URL received from the Email Suspend Node, the journey prompts the user for a new password using the Platform Password node and updates the user profile with the new password supplied using the Patch Object node.

Testing the ResetPassword journey

  1. Go back to the list of journeys in the alpha realm, click on the ResetPassword journey and copy the preview URL.

  2. Open the ResetPassword journey preview URL, in a browser different from the one that has an active Identity Cloud admin session.

    The user is prompted for an email address. Use the active email address configured in the earlier step and click Next.

  3. Look for an email from ForgeRock Identity Cloud Team in the inbox of the email account provided. Check the spam/junk folder if it is not in the inbox. Mark the email as safe, if required.

    Click on the ‘Password reset link’ in the email.

    gs_reset_password
    gs_reset_password1600×401 28.3 KB

  4. Enter a new password that satisfies the password requirements and click Next.

    gs_reset_password1
    gs_reset_password11600×412 37.4 KB

    The user lands on the Identity Cloud end user dashboard page.

  5. Sign out of the end user dashboard.

Further reading

Other guides in the Getting started with ForgeRock Identity Cloud journeys series:

2 Likes
Getting started with ForgeRock Identity Cloud journeys: Part 7 - Device Profile journey
Getting started with ForgeRock Identity Cloud journeys: Part 8 - Journey export and import
Use of GetSessionData node to validate existing session