The following table provides information about the availability of JSP-Loginapp features in the Loginapp REST UI and high-level migration hints (where available).
Information about the availability of upcoming releases is indicative and subject to change.
Please note the additional information on discontinued functions (see link below).
Version information about features not yet available will be updated or clarified as soon as known.
Note that the specified release versions are indicative and subject to change.
The following notation is used to indicate release versions (examples):
- ●7.7: planned for IAM 7.7
- ●> 7.7: planned for an IAM release after 7.7
- ●>= 7.7: planned for IAM 7.7 or later
User registration self-service
Feature | Version | Description and migration hints |
Enter user profile information and validation | 7.3 | Structured form to enter user profile information. Migration hint Configured in Loginapp >> Self-Registration Flows >> User Data Registration Step. |
Terms of services | 7.3 | Require acceptance of terms of services. Migration hint Configured in Loginapp >> Self-Registration Flow >> Terms of Services Step. |
Username generation | 7.3 | Generate a username. Migration hint Use the Username Generation Step in the self-registration flow. |
User verification: Email with OTP | 7.3 | Verify the entered email address by sending an OTP and verifying it (in the same browser session). Migration hint Use the Email Verification Step in the self-registration flow. |
User verification: Email with link (AI-13556) | >= 7.7 | Verify the entered email address by sending a link in an email. The link can be clicked to proceed with the registration process (maybe on a new browser session). |
User verification: SMS | 7.3 | Phone number verification. Only for phone number on user record (credential data model - not in the token model). Migration hint Use the Phone Number Verification Step in the self-registration flow. The token data model will be supported in a later release (>= 7.5, AI-13559). This was not a feature in the JSP-Loginapp. |
User alias | 7.3 | Support for user name alias (e.g. email address as an alternative to the user name in the authentication process) including uniqueness check. Migration hint Use the Alias User Item plugin in the User Data Registration Step. |
Registration completed callback | 7.3 | Call custom plugin if registration is completed. Migration hint Use a custom step at end of registration process. |
Stealth mode | 7.3 | User-enumeration protection during self-registration. Migration hint The stealth mode can be enabled in the property Enable Stealth Mode of the User Self-Registration Flow plugin. |
CAPTCHA (AI-13449) | 7.7 | Users must solve a CAPTCHA in the user registration flow. |
User verification: configurable action (ALIAM-13561) | 7.5 | Define action taken after user verification (e.g. unlock new user account). Migration hint Use corresponding step plugins in the flow to perform actions after user verification. |
Logged-in after registration (AI-13563) | 7.5 | If enabled, the user is logged in after successful self-registration and gets a set of configured roles. |
Confirmation page (AI-13562) | only on request | Confirmation page showing part of the registered data. Migration hint Use an Acknowledge Message Step (does not display registered data) instead. To display registered data elements, use a User Data Edit Step with non-editable data elements. |
GDPR Consents (AI-13564) | only on request | Require the users to accept a number of GDPR consents in the self-registration flow. |
User profile self-service
Feature | Version | Description and migration hints |
Edit context data | 7.3 | Edit user context data (for logged-in users). Migration hint In Loginapp >> Protected Self-Services >> Protected Self-Service Flows compose a flow using the following steps (example):
|
Change email address with verification email with OTP | 7.3 | Change email address and verify the new email address with an OTP checked on the same browser session. Migration hint In Loginapp >> Protected Self-Services >> Protected Self-Service Flows define a flow containing the E-Mail Change Verification Step. |
Change email address with verification email with link (AI-13565) | only on request | Change email address and verify the new address by sending a link. The link can be used on a new browser session. |
Group-dependent settings | 7.3 | Different sets of editable user profile items depending on the user group. Migration hint In Loginapp >> Protected Self-Services >> Protected Self-Service Flows use a Selection Step for Self-Service with the Context Data Regex Condition to define different settings per user group. The proposed solution does not exactly match the JSP-Loginapp feature. |
HTTP Basic Auth access (AI-13569) | only on request | Access to the user profile self-service based on HTTP Basic Auth user authentication. |
Other self-services
Feature | Version | Description and migration hints |
Unlock Self-Service | 7.4 | Unlock account with second factor for another n trials with. May be combined with ordering a new password letter. Migration hint In Loginapp >> Public Self-Services define a flow using the Unlock User Step (Password Reset). To let the user order a password letter instead, use the Password Letter Order Step (Password Reset). It may be offered as an alternative to setting the password using the Selection Step for Password Reset. Only one Password Reset Flow can be configured at a time in IAM 7.6. Therefore one can only configure either a password reset process or an unlock self-service. This restriction will be removed in IAM 7.7. |
Autostart unlock self-service (AI-14091) | 7.5 | If the user account gets locked during the login process and self-unlock is possible (configured, eligible lock reason, and unlock attempts left), automatically start the self-unlock process after the user account gets locked. |
Lockout Self-Service (AI-13573) | >= 7.7 | Logged-in users may self-lock the account. The user is logged out and a confirmation page is shown. |
Self-delete account (AI-13574) | only on request | Logged-in users may self-delete the account. The user is then logged out and a confirmation page is shown. |
GDPR consent self-management (AI-13575) | only on request | Self-service for logged-in users to manage the given GDPR consents. |