User self-registration REST API

The Loginapp REST API exposes a flow API for user self-registration. The API allows users to register an account with user attributes, authentication means and verified communication channels.

The user self-registration REST API is a public API. Special consideration is required since enumeration of user attributes and brute force attacks are a concern.

• Loginapp REST Self-Registration requires the license bundle SELFSERVICE.

The user self-registration is a flow API. When configuring the user self-registration API in the ConfigEditor, it is possible to create multiple self-registration flows which may be selected by the REST client. One of the flows is marked out as the default. IAM uses the default if the client does not explicitly select a flow.

• In general, the self-registration flows will adhere to these rules:
• Each step in the flow can be either interactive and therefore requires the client to supply data or it can be non-interactive and therefore will be processed without interaction with the user.
• User Data Registration Step:
• All possible REST calls may be used repeatedly.
• Validators are configured on individual user data items or on an entire user data registration step.
• To proceed from a user data registration step to the next step requires a "continue" call.
• To be able to proceed to the next step, all validators of the current step must run successfully. 
• Channel verification steps are interactive but do not require a continue call. They are also not treated as validators.
• Every continue and validate REST call will verify all validators of the current step.
• Tags are not shared between self-registration and authentication flow sessions.

• User registration self-service (concept)
• Flows as Airlock IAM concept