You can register a user and get the confirmation by the user through the email which helps to confirm an actual user.
The self sign up process creates the user and locks the user account until the user confirmation is received. The created user has an expiry period which, if exceeded, ensures the account cannot be unlocked. The expired accounts are not actually used by the creator and may have been forgotten long ago. The system administrator can later delete these accounts if needed, hence making this a better way to manage the resources.
The following service API can be used for the sign up and confirmation: https://localhost:9443/services/UserInformationRecoveryService?wsdl
.
You need to define the following claims and map them with correct attributes in the underlying data store.
About usage in tenants
If you wish to have set of claims for all tenants, before the first startup you must add those claims to the
<PRODUCT_HOME>/repository/conf/claim-mgt.xml
file and start the server. If you do not require these claims for all tenants, then it should be added via the UI of specific tenants as instructed here.Configure the identity-mgt.properties file found in
<PRODUCT_HOME>/repository/conf/security/
with the following:Identity.Listener.Enable=true
Notification.Sending.Internally.Managed=true
Authentication.Policy.Account.Lock.On.Creation=true
Notification.Expire.Time=7200
Notification.Sending.Enable=true
Authentication.Policy.Enable=true
Configure the email-admin-config.xml file found in
<PRODUCT_HOME>/repository/conf/email/
with the email template of type “accountConfirmation
”. The following is a sample template:<configuration type="accountConfirmation"> <targetEpr>https://localhost:8443/InfoRecoverySample/validate</targetEpr> <subject>WSO2 Carbon Account Confirmation</subject> <body> Hi {first-name}, You have created an account with following user name User Name: {user-name} Please click the following link to unlock. If clicking the link doesn't seem to work, you can copy and paste the link into your browser's address window. {confirmation-link} </body> <footer> Best Regards, WSO2 Identity Server Team http://www.wso2.com </footer> <redirectPath></redirectPath> </configuration>
Self Sign Up
The sequence of services calls are described below for self sign up.
- getUserIdentitySupportedClaims() - Set of claims to which the user profile details should be saved in the Identity Server.
- registerUser() - This registers a user in the system. You need to pass values like user name, password, claim attributes and values returned from the previous call and the tenant domain. The confirmation code is sent by email to the given email address.
Confirm Account
The sequence of service calls are described below for account confirmation.
- getCaptcha() - Get the captcha for the current request.
- confirmUserSelfRegistration() - The confirmation code sent to user account, user name, captcha details and tenant domain needs to be passed to the call. Upon successful verification the account is unlocked. Also the verification status is returned to the caller.