Use case: Allow end users to recover a forgotten user ID in ForgeRock

Author: Lucy Billington

Created at: Nov 2022

Updated at: Dec 2022

Use case overview

Recovering a forgotten username is a very common use case that is easily implemented in ForgeRock Identity Cloud using Journeys. End users can recover their forgotten username using other information such as their email address.

Steps to achieve this use case

Identity Cloud includes a pre-built sample Forgotten Username journey, which you can adapt or use as a basis for your own journey(s) to meet your business needs.

To review the Forgotten Username journey:

  1. Sign in to the Identity Cloud admin UI using your admin tenant URL, in the format <tenant-name>/am/XUI/?realm=/#/.

  2. Go to Journeys.

  3. Select the ForgottenUsername journey and click Edit.

The journey collects a user’s email address and then uses that email address to search for the user. It then emails the user the username associated with the email address along with a link to the default Sign In page.

The journey includes the following nodes:

  • Attribute Collector - this node collects the user’s email address.

  • Identify Existing User - this node verifies the user exists based on the email address. The email address should be unique to a user.

  • Email Suspend Node - this node generates and sends an email to the user and suspends authentication. It uses the forgottenUsername email template (configured in Email > Templates).

  • Inner Tree Evaluator - this node nests the default Login journey in the authentication flow.

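The lookup-then-email flow described above can be modelled in a few lines. This is an added sketch, not ForgeRock code or part of the original article; the sample users, the attribute names (`userName`, `mail`), the on-screen message and the audit labels are all constructed for illustration. The sketch sends the username only to the matched mailbox, returns the same screen for every lookup result, and refuses to pick a user when the email address is not unique.

```javascript
// Added sketch of the collect -> identify -> email flow. Not ForgeRock code.
// Sample users are constructed; attribute names are assumptions.
const USERS = [
  { userName: "bjensen", mail: "bjensen@example.com" },
  { userName: "scarter", mail: "shared@example.com" },
  { userName: "tmorris", mail: "shared@example.com" }, // breaks uniqueness
];

// Constructed message: identical for every lookup result.
const SCREEN_MESSAGE = "If the address is registered, an email has been sent.";

// "Identify Existing User" step: every account whose mail matches,
// compared case-insensitively after trimming whitespace.
function identifyExistingUser(users, mail) {
  const wanted = String(mail).trim().toLowerCase();
  return users.filter((u) => u.mail.toLowerCase() === wanted);
}

// Runs the flow once. `outbox` stands in for the mail service.
function forgottenUsername(users, mail, outbox) {
  const matches = identifyExistingUser(users, mail);
  let audit;
  if (matches.length === 1) {
    const user = matches[0];
    // The username goes only to the address on record, never to the browser.
    outbox.push({ to: user.mail, body: `Your username is ${user.userName}` });
    audit = "sent";
  } else if (matches.length === 0) {
    audit = "no-match";
  } else {
    audit = "ambiguous"; // several accounts share the address: send nothing
  }
  // `screen` is what the requester sees; `audit` is for server-side logs only.
  return { screen: SCREEN_MESSAGE, audit };
}

// Demo run over constructed input.
const outbox = [];
for (const mail of ["BJensen@Example.com ", "nobody@example.com", "shared@example.com"]) {
  const result = forgottenUsername(USERS, mail, outbox);
  console.log(mail.trim(), "->", result.audit, "|", result.screen);
}
console.log("emails sent:", outbox.length);
```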

The Forgotten Username journey is accessed from the default Login journey using the Forgot username? link on the Sign In screen. This link is configured in the Page Node description in the Login journey.

Testing the use case

To test the use case, ensure that your test end user has an email address that you can access.

  1. In the Identity Cloud admin UI, go to Journeys.

  2. Click the Login journey and copy the Preview URL.

  3. Paste the preview URL into a browser using Incognito or private browsing mode.

  4. In the Sign In screen, click the Forgot username? link.

    You are prompted to enter the user’s email address.

  5. Enter the email address of your test user and click Next.

    An email is sent to the test user’s email address.

  6. Locate and open the email message in the test user’s inbox. The message contains the username and a link to the Sign In page.

  7. Copy the username and click the link to sign in.

  8. In the Sign In screen, enter the test user’s username and password.

    You are successfully logged in.
