Login Tasks
Definition
Login Task Flags are set on an Identity to indicate Self Service Tasks that they should or must perform before they can access the User Portal. Those flags are typically set by Authentication Methods but can also be managed externally (through Features and/or APIs).
By default, the following login tasks are available :
Password Related | Required | Manual Clearing | Description |
|---|---|---|---|
PASSWORD_INIT | YES | YES | The User needs to initialize his/her Password. The old password is not required. |
PASSWORD_CHANGE_REQUESTED | YES | YES | The User needs to change his/her Password. The old password may be required. |
PASSWORD_CHANGE_SUGGESTED | YES | The User may change his/her Password. The old password may be required. |
Security Questions Related | Required | Manual Clearing | Description |
|---|---|---|---|
SECURITY_QUESTIONS_INIT | YES | The User needs to initialize his/her Security Questions. | |
SECURITY_QUESTIONS_CHANGE_REQUESTED | YES | The User needs to change or update his/her Security Questions. | |
SECURITY_QUESTIONS_CHANGE_SUGGESTED | The User may change or update his/her Security Questions. |
MyMFA Related | Required | Manual Clearing | Description |
|---|---|---|---|
MYMFA_MOBILE_ENROLLMENT_SUGGESTED |
| YES | The User needs to re-enroll a new MyMFA mobile device. Intended to force user re-enrollment upon mobile app upgrade. These tasks have the |
MYMFA_MOBILE_ENROLLMENT_REQUESTED | YES | YES |
Configuration
You can access the Public Access configuration :
by clicking on "Portal" β βLogin Tasksβ
by clicking on "System" β "Configurations" β "Business Model" and perform an import/export.
Global properties
All users must have the rights to access the feature(s) linked to the login task(s) and the portal.
Domain | Code |
|---|---|
DataSet : Each feature starts by announcing the DataSet as following: |
CODE
|
Login Task Configuration : Each Public Access has the following configuration to describe it. | This will be detailled in the Login Task Configuration paragraph. |
Version and encoding : Each feature starts by announcing the version and encoding as following |
CODE
|
Login Task Properties
Properties name | Type | Mandatory | Description | Values (default value in bold) |
|---|---|---|---|---|
id |
| YES | The id is the unique identifier of the Login Task | - |
name |
| YES | The Login Task name. It can be different from the id. It is possible to modify name property after the creation. | - |
description |
| NO | Used to describe the Login Task that will be configured. It is possible to modify this property after the creation of the Login Task. | - |
feature |
| YES | The Identifier of the Self-Service Feature to use for the corresponding Login Task. | - |
required |
| NO | Indicate whether or not the login task is required or not. If true, once the login task is positionned on the user, he will have to complete it to be able to access the portal. If false, he even if the login task is positionned on the user, he will be able to skip it and access the portal anyway. | false, true |
manualClearing |
| NO | If false, the Login Task will be considered completed as soon as the user submits the feature. If true, the Login Task will not be cleared automatically and needs to be removed by an external mechanism, either builtin (see MYMFA_MOBILE_ENROLLMENT_REQUESTED above) or custom (e.g. API call from an external system). | false, true |
Example
<ctdbum:LoginTask id="my_login_task" builtin="false">
<name>My Login Task</name>
<description></description>
<feature>common-self-change-password</feature>
<required>true</required>
</ctdbum:LoginTask>