Use of GetSessionData node to validate existing session

The sample journey for Change Password in Identity Cloud uses a GetSessionData node at the start. I believe this node is being used just to ensure that the user has an existing session. (It retrieves the UserToken session property (user principal) and stores it in a “mail” shared state attribute, which seems wrong). The documentation for GetSessionData suggests that it will fail with an error if the user doesn’t have an existing session, but in my testing this doesn’t seem to be true. Instead, the journey continues with a blank username which then causes re-authentication to always fail without explanation.

The GetSessionData docs themselves recommend using a scripted decision node to check if a current session exists or not. Would it be better to do that in the ChangePassword journey?

Hi @neil.madden.consultant,

Thanks for reaching out to the Community.

Identity Cloud includes two sample password journeys to allow end users to reset or change their passwords:

  • Reset Password Journey. (used for example when a user forgets their password and requests a user’s email address)
  • Update Password Journey. (Users can change/update their password when they are already logged on)

Please review the following articles from our Community site which detail the use of these Journeys:

I hope the information presented in these articles help to alleviate your concerns!

Warm Regards,