This documentation is for WSO2 Identity Server 5.8.0 . View documentation for the latest release.

All docs This doc
||
Skip to end of metadata
Go to start of metadata

This feature places users in a pending status when the process of self registration, email verification or ask password has been initiated and the confirmation mail has been sent, but the email is not verified yet. The status claim will be set depending on the flow. 

Info

To use this feature, apply the 4919 WUM update to WSO2 Identity Server 5.7.0 using the WSO2 Update Manager (WUM). 

To deploy a WUM update into production, you need to have a paid subscription. If you do not have a paid subscription, you can use this feature with the next version of WSO2 Identity Server when it is released. For more information on updating WSO2 Identity Server using WUM, see Getting Started with WUM in the WSO2 Administration Guide.

Adding a new claim

In order to keep track of the users’ account states, a new identity claim, http://wso2.org/claims/identity/accountState is introduced. This claim stores the users’ account states. For more imformation on how to add claim mappings, see Adding Claim Mapping


This is a readOnly claim. It cannot be updated even by the admin user. 

If this claim does not exist, the self-registration, ask-password and email verification flows will work according to the previous model where if a user tries to self register and the account has the Account Lock feature enabled the user receives two mails. 

  1. Confirmation mail
  2. Account Locked mail

However, if this claim exists, only the confirmation mail is sent, and the user is placed in the "pending" state until the user confirms the registration in which case, the status moves to "Unlocked".

Only if the user is in a pending state (PENDING_AP, PENDING_EV, or PENDING_SR), the confirmation mail will be sent. 

This status can have one of the following values. Mentioned below are the values and their corresponding descriptions. 

StatusDescription
LOCKEDAccount is locked but not disabled
PENDING_APAsk password email is sent and the email is not verified
PENDING_EVEmail Verification email is sent and the email is not verified
PENDING_SRSelf registration email is sent and the email is not verified

DISABLED

Account is disabled
UNLOCKED

Account is neither disabled nor locked





  • No labels