This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

User Account Recovery

Owned by Former user (Deleted)
Last updated: Aug 31, 2013Version comment
2 min read

The user account recovery feature implemented in the Identity Server helps to recover the username of the account if the user has forgotten it. This recovery process is also secured with captcha verification.

The service caller can define any number of claims that should be used in the user details verification. The first claim can be the email address and others can be the required attributes in the user registration such as first name or last name. This is helpful to search for a user if the system accepts multiple accounts with the same email address.

Upon the successful verification of the user details, the user account id is sent to the user by email.

For this to be possible, the user needs to fill the details in their respective user profile such as email, first name, last name and any other required attributes.

The sequence of service calls are described below and these are available in the service API ­https://localhost:9443/services/UserInformationRecoveryService?wsdl.

  1. Configure the identity­-mgt.properties file with the following:

    Identity.Listener.Enable=true
    Notification.Sending.Internally.Managed=true

  2. Configure the email­-admin-config.xml file with the email template with the type “accountConfirmation”. The following is a sample template.

    <configuration type="accountIdRecovery">
	<targetEpr></targetEpr>
	<subject>WSO2 Carbon ­ Account Recovery</subject>
	<body>
		Hi {first-­name}


		We received a request to recover your account user name. The account associated with us indicates that the user name is : {user­-name}
	</body>
	<footer>
		Best Regards,
		WSO2 Carbon Team
		http://www.wso2.com
	</footer>
	<redirectPath></redirectPath>
</configuration>

     

    1. getUserIdentitySupportedClaims() -­ This method returns all the claims defined in the Identity Server which are supported and not read only. You need to give the dialet which is by default “http://wso2.org/claims”.
    2. getCaptcha() -­ Get the captcha for the current request.
    3. verifyAccount() -­ Verifies the captcha, user claim values and tenant domain which is used to search for the user. You can define the claim values returned from the getUserIdentitySupportedClaims() call. Hence you can define which claims should be used in the verification by passing only those required. Upon successful verification the user id is sent by email to the user. Also this returns the success/failed status of the verification.