Hi all, I have implemented a new set of APIs to support account recovery flow via a user preferred communication channel. Please refer to the mail [1] for more information about the implementation. Thank you.
[1] - New APIs to support user account recovery via user preferred channel for Identity Server

Regards,
Sominda

On Tue, Aug 13, 2019 at 9:55 AM Sominda Gamage <somi...@wso2.com> wrote:

> Hi all,
>
> Please find the solution proposal of implementing a preferred channel for
> user self registration flow.
>
> User self registration
>
> *User Narrative*
>
> 1. When a user self-registers, the user
>    1. Has to provide either a mobile number or an email address or both.
>    2. Can provide a preferred communication channel as Email or SMS.
> 2. Then the user will get recovery notifications based on the provided
>    communication channels.
>    - If the channel is email: navigate to the email and click the
>      verification link to verify the user account.
>    - If the channel is SMS: provide the received OTP during the self
>      registration phase and confirm the user account.
>
> *Solution*
>
> - In a self registration request the following claims are required for the
>   server to initiate an account verification request.
>   - Either mobile number or email address claims or both claims (At
>     least one claim should be in the request).
>     - Mobile claim: http://wso2.org/claims/mobile
>     - Email claim: http://wso2.org/claims/emailaddress
>   - If any of the above channels are verified external to the Identity
>     Server, Phone Verified and Email Verified claims need to be in the
>     request with value being set to TRUE.
>     - Eg: If the mobile is already verified, then Phone verified request
>       needs to be in the self registration request with value being set to
>       TRUE.
>     - Phone Verified: http://wso2.org/claims/identity/mobileVerified
>     - Email Verified: http://wso2.org/claims/identity/emailVerified
> - A claim with the user's preference can be included in the request.
>   - This claim is optional but it is recommended to send the claim with
>     the request.
>   - The claim should be as follows.
>     - Preferred Channel: http://wso2.org/claims/identity/preferredChannel
> - User Self Registration should be configured for the respective tenant
>   (Refer to the User Self Registration Configurations in the appendix).
> - Once the server receives a self registration request, server will send
>   notifications to the user by resolving the communication channel
>   internally. Notification channel resolution will be as follows.
>
> Communication Channel Selection Criteria
>
> 1. If the user has only provided email address or mobile number as the
>    communication channel and,
>    1. Not specified the preferred channel: communication will happen via
>       the given channel in the request.
>       (Eg: If only the mobile is provided, mobile will be considered as the
>       preferred channel.)
>    2. Specified the preferred channel:
>       1. Preferred channel matches the given claim: communication via
>          preferred channel
>          (Eg: Preferred channel: SMS and given a mobile number)
>       2. Preferred channel does not match the claim: 400 ERROR
>          (Eg: Preferred channel: SMS but not given a mobile number)
>
>    Note: This means that there is a claim bound with a specific
>    communication channel
>
>    Channel: EMAIL -> Claim: http://wso2.org/claims/emailaddress
>
>    Channel: SMS -> Claim: http://wso2.org/claims/mobile
>
> 2. If the user has provided both email and mobile as communication
>    channels.
>    1. Specified the preferred channel: communication via preferred channel
>    2. Not specified the preferred channel: communication via the server
>       default channel.
>
> - Once the communication channel is resolved, an event will be
>   triggered. The event name would be in the following format.
>   - Event name: TRIGGER_<Resolved_Channel>_NOTIFICATION
>   - Communication channels supported with this scope:
>     - SMS
>     - EMAIL
> - Once the event is triggered notification handlers will send
>   notifications to the user.
>
> *Deliverables*
>
> We have planned to deliver the solution according to the following phases.
>
> 1. Phase 1
>
>    Support mobile and email channels for Self registration APIs.
>
> 2. Phase 2
>
>    Support mobile and email channels for self registration via SCIM/ME
>    endpoint.
>
> 3. Phase 3
>
>    Provide UI support for account confirmation via mobile and email channels.
>
> Current Status
>
> Currently, I'm in phase 1, implementing APIs to support self registration
> via mobile (SMS) channel. The API will be able to send a response with the
> notified communication channel and the responses are yet to be finalized.
>
> Regards,
>
> Sominda.
>
> On Tue, Aug 6, 2019 at 12:52 PM Sominda Gamage <somi...@wso2.com> wrote:
>
>> Hi all,
>>
>> We are planning to add the above feature for WSO2 identity server for
>> following requirements.
>>
>> - *Support account verification for users in user self-registration
>>   via Email or mobile (SMS) channel.*
>> - *Support Mobile or Email channel for recovery flows.*
>>
>> Please find the user stories documentation related to the above
>> requirement below.
>>
>> *Support account verification for users in user self-registration via
>> Email or mobile (SMS) channel.*
>>
>> Current product only supports account verification via an email.
>> Therefore, we wish to introduce a new claim called
>> "preferredCommunicationChannel" and we ask for a preferred channel
>> depending on that value.
>>
>> *Self Registration Scenarios*
>>
>> - User provides both email and mobile as attributes and sets the
>>   preferred communication channel.
>>   - In this case, verification will take place according to the given
>>     channel.
>> - User provides both email and mobile as attributes, but does not set the
>>   preferred channel.
>>   - In this case server configured channel (Email) is set as the
>>     preferred channel.
>> - User provides only email or mobile as attributes, sets the preferred
>>   channel.
>> - User provides only email or mobile as attributes, does not set the
>>   preferred channel.
>>   - Preferred channel will be configured as the given attribute
>>     value.
>>
>> *Deliverables*
>>
>> - API and UI support.
>> - As the initial step, we wish to provide API support.
>>
>> *Support Mobile or Email channel for recovery flows.*
>>
>> Current product only supports account verification via an email. As the
>> initial step we wish to introduce this feature for Username and Password
>> recovery flows.
>>
>> *Deliverables*
>>
>> - API and UI support.
>> - As the initial step, we wish to provide API support.
>>
>> Regards,
>> Sominda.
>>
>> --
>> *Sominda Gamage* | Software Engineer| WSO2 Inc. <http://wso2.com/>
>> (M)+94 719873902 | (E) somi...@wso2.com
>> <https://wso2.com/signature>
>
> --
> *Sominda Gamage* | Software Engineer| WSO2 Inc. <http://wso2.com/>
> (M)+94 719873902 | (E) somi...@wso2.com
> <https://wso2.com/signature>

--
*Sominda Gamage* | Software Engineer| WSO2 Inc. <http://wso2.com/>
(M)+94 719873902 | (E) somi...@wso2.com
<https://wso2.com/signature>
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
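
The "Communication Channel Selection Criteria" from the quoted proposal, written out as an added example; it is not part of the thread and not WSO2 Identity Server code. The function and class names are hypothetical, the `EMAIL` server default follows the 6 Aug mail, and case-insensitive matching plus rejection of unsupported channel names are assumptions.

```python
# Added example: notification channel resolution per the proposal's criteria.
EMAIL_CLAIM = "http://wso2.org/claims/emailaddress"
MOBILE_CLAIM = "http://wso2.org/claims/mobile"
PREFERRED_CLAIM = "http://wso2.org/claims/identity/preferredChannel"

# Each channel is bound to exactly one claim (the proposal's "Note").
CHANNEL_CLAIM = {"EMAIL": EMAIL_CLAIM, "SMS": MOBILE_CLAIM}


class BadRequest(ValueError):
    """Hypothetical stand-in for the API's 400 response."""
    status = 400


def resolve_channel(claims, server_default="EMAIL"):
    """Return the channel to notify on, or raise BadRequest (400)."""
    # A channel is usable only if its bound claim carries a non-empty value.
    available = [ch for ch, uri in CHANNEL_CLAIM.items()
                 if (claims.get(uri) or "").strip()]
    if not available:
        raise BadRequest("email address or mobile claim is required")

    # Assumption: the preferred channel value is matched case-insensitively.
    preferred = (claims.get(PREFERRED_CLAIM) or "").strip().upper()
    if preferred:
        if preferred not in CHANNEL_CLAIM:
            # Assumption: an unsupported channel name is treated as a mismatch.
            raise BadRequest(f"unsupported channel: {preferred}")
        if preferred not in available:
            # Preferred channel does not match the supplied claim: 400.
            raise BadRequest(f"no claim supplied for channel {preferred}")
        return preferred

    # No preference: a single supplied channel wins, otherwise server default.
    return available[0] if len(available) == 1 else server_default


def event_name(channel):
    """Event name format given in the proposal."""
    return f"TRIGGER_{channel}_NOTIFICATION"


if __name__ == "__main__":
    # Constructed sample request: only a mobile number, no preference.
    sample = {MOBILE_CLAIM: "+10000000000"}
    print(event_name(resolve_channel(sample)))
```

Rejecting the mismatch instead of silently falling back keeps a request from steering verification to a channel for which no address was supplied.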