This documentation is for WSO2 Identity Server 5.0.0. View documentation for the latest release.
User Account Recovery - Identity Server 5.0.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

The user account recovery feature implemented in the Identity Server helps to recover the username of the account if the user has forgotten it. This recovery process is also secured with captcha verification.

The service caller can define any number of claims that should be used in the user details verification. The first claim can be the email address and others can be the required attributes in the user registration such as first name or last name. This is helpful to search for a user if the system accepts multiple accounts with the same email address.

Upon the successful verification of the user details, the user account id is sent to the user by email.

For this to be possible, the user needs to fill the details in their respective user profile such as email, first name, last name and any other required attributes.

The sequence of service calls are described below and these are available in the service API ­https://localhost:9443/services/UserInformationRecoveryService?wsdl.

  1. Configure the <IS_HOME>/repository/conf/security/identity­-mgt.properties file with the following.

    Identity.Listener.Enable=true
    Notification.Sending.Internally.Managed=true

    See the following table for descriptions of these configurations.

    Configuration
    Description
    Identity.Listener.Enable=true
    This enables the identity listener.
    Notification.Sending.Internally.Managed=true

    This enables the internal email sending module. If false, the email sending data is available to the application via a Web service. Thus the application can send the email using its own email sender.

  2. Configure the <IS_HOME>/repository/conf/email/email-admin-config.xml file with the email template with the type “accountIdRecovery”. The following is a sample template.

    <configuration type="accountIdRecovery">
    	<targetEpr></targetEpr>
    	<subject>WSO2 Carbon ­ Account Recovery</subject>
    	<body>
    		Hi {first-­name}
    
    
    		We received a request to recover your account user name. The account associated with us indicates that the user name is : {user­-name}
    	</body>
    	<footer>
    		Best Regards,
    		WSO2 Carbon Team
    		http://www.wso2.com
    	</footer>
    	<redirectPath></redirectPath>
    </configuration>

     

    1. getUserIdentitySupportedClaims() -­ This method returns all the claims defined in the Identity Server which are supported and not read only. You need to give the dialet which is by default “http://wso2.org/claims”.
    2. getCaptcha() -­ Get the captcha for the current request.
    3. verifyAccount() -­ Verifies the captcha, user claim values and tenant domain which is used to search for the user. You can define the claim values returned from the getUserIdentitySupportedClaims() call. Hence you can define which claims should be used in the verification by passing only those required. Upon successful verification the user id is sent by email to the user. Also this returns the success/failed status of the verification.
  • No labels