Use case: Configure progressive profiling in ForgeRock Identity Cloud

Use case overview

Progressive profiling allows you to defer requesting additional details from the end user to a time when it is needed. For example, the user may be required to provide their marketing preferences after a specified number of logins or provide complete address information after a certain length of time, in order to proceed with login. Typically, progressive profiling happens during authentication to determine whether a user’s profile is sufficiently complete to meet a business requirement.

Progressive profiling is a very common use case that is easily implemented in ForgeRock Identity Cloud using Journeys.

Sample Progressive Profile journey

Identity Cloud includes a pre-built sample Progressive Profile journey, which you can adapt or use as a basis for your own journey(s) to meet your business needs.

The sample Progressive Profile journey checks the number of logins and prompts the end user to add their marketing preferences and their update preferences if they haven’t already. It includes the following nodes:

If the marketing preferences or the update preferences have yet to be defined the node returns “false” and the user will be asked to complete this information.

NOTE: All fields of requested information are part of the default data model for Identity Cloud alpha_user identities. See User identity attributes and properties reference for further information.

Steps to achieve a use case for Progressive Profile address completion

For this use case, we’ll use the pre-built sample Progressive Profile journey to create a journey that checks if the end user’s postal address, city, postal code and country exist in their profile and prompts the user to add these details if they are missing.

NOTE: All fields of requested information are part of the default data model for Identity Cloud alpha_user identities. See User identity attributes and properties reference for further information.

Configure the use case

  1. Sign in to the Identity Cloud admin UI using your admin tenant URL, in the format https://<tenant-name>/am/XUI/?realm=/#/.

  2. Go to Journeys.

  3. Click on the sample Progressive Profile journey, and then click the menu and select Duplicate.

  4. Enter a unique name for your journey, select which identities will authenticate using this journey, (optionally) enter a journey description, and click Save.

  5. Click the Login Count Decision node and verify that this node is configured to initiate progressive profiling at the required number of login attempts (3 in this case).

  6. Click the Query Filter Decision node, and enter the following in the Query Filter:

    !(/postalAddress pr) or !(/city pr) or !(/postalCode pr) or !(/country pr)
    

    This query filter checks whether the end user’s postal address, city, postal code and country already exist in their profile.

  7. Click the Page Node and edit the Page Header text that will be displayed to the end user when they are prompted to add their address details, for example:

  8. Click Done, and then click Save.

  9. Click the Attribute Collector node and replace the Attributes to Collect with the following values: postalAddress, city, postalCode, country.

  10. Click Save.

  11. Go to Journeys and click on the Login journey that you would like to include the progressive profiling.

  12. Add your progressive profile journey to the Inner Tree Evaluator node, similar to this example:

  1. Click Save.

End users will now be prompted to provide missing address details on their third login.

Testing the use case

To test the use case, ensure that your test end user does not already have address details on their profile.

  1. In the Identity Cloud admin UI, go to Journeys.

  2. Click the Login journey that contains the progressive profile step and copy the Preview URL.

  3. Paste the preview URL into a browser using Incognito or Browsing mode.

  4. Enter the username and password of your test end user and click Next.

    You are signed in to Identity Cloud as the test user.

  5. Sign out of Identity Cloud.

    End user sign out

  6. Repeat steps 4 and 5 to sign in and sign out again (as the same user).

  7. Repeat step 4 to sign into Identity Cloud for the third time (as the same user).

    You should be presented with an address completion box, similar to this:

  8. Complete the address details for the test end user and click Next.

You are signed in to Identity Cloud as the test end user and the address details you entered are stored with the end user’s profile.

Additional resources

Documentation:

Training videos:

Acknowledgments: Andrew Posner