Using Auth level decision node with existing session

anishetty · August 18, 2024, 12:44pm

Hi,

I have a use case where I need to set auth level to particular value in journey A. When executing journey B with previous session, I need to verify if the auth level is equal to or greater than expected, and only then continue with the journey.

In journey A, I am using Modify Auth Level node to set the auth level. Once I execute journey A, I am able to check the value of AuthLevel in user’s session properties when I hit /getSessionInfo endpoint. It is being set as expected.

When I execute journey B with the previous session, the Auth level decision node does not seem to be picking up this value. My expectation was that it would validate the Session property value AuthLevel. Instead, it is trying to evaluate the decision based on a shared state variable authLevel (which is zero by default since this is a different journey)

In a scripted node, I am able to get the value of AuthLevel from previous session, and then set that value to authLevel shared state variable. On doing that, Auth Level Decision node works as expected.

However, wanted to check if I’m missing anything obvious here, since this seems to be the intended use case of Auth Level decision node.

P.S: I have whitelisted the property in session whitelisting settings. And I cannot use the “Get Session Data” node to directly put the value of AuthLevel from session into authLevel of shared state, since this node converts the value to string, and it causes an exception.

stephane.orluc · August 20, 2024, 12:26pm

hi @anishetty,
I think you’re doing it correctly.
I’ve surprised using Get Session Data node :: AM 7.3.1 is causing an error .
Regards,
Steph.

grpensa · August 20, 2024, 2:03pm

If you look at the source, the node is working as expected. The authlevel needs to be set in the tree. There is no logic to source authlevel from one session and set it as the shared state property.
Your approach to use a script or … to perform these works is appropriate.

But I need to ask; why build this solution when it is provided ootb if you use the policy framework and the “advice” features?

anishetty · August 21, 2024, 3:25pm

Thank you for the confirmation and the suggestion.

Using the policy framework would require us to setup policies and make/maintain changes at policy enforcement point. Additionally, in our use case, if the Auth level is not met, we just need to fail the journey. We do not have the requirements of fulfilling the advice.

Due to this, I went ahead with this solution, which is simpler.

Besides, I was under the assumption that Auth level Decision could be used across journeys. Because I do not see much use to it, if we need to use it in the same journey.