Flow step plugins in IAM flows

In Airlock IAM, flow step plugins can be combined to form IAM flows. This allows implementing complex workflows such as multi-factor authentication with step-up and token activation.

IAM flows are used in several places throughout Airlock IAM and are described in Flows as Airlock IAM concept.

The following screenshot shows the configuration of an authentication flow of the Demo Configuration.

Plugins in IAM flows

Icon

Description

Information48np.png

Shows the documentation of the property.

Hint: Click on an info icon, to see the documentation in the Docs tab at the bottom. 

DatabaseRecordAddBlue48np.png

Adds a new step plugin to the flow.

Flow visualizer

Opens the Flow Visualizer.

Flow Visualizer

Airlock IAM flows can be visualized by clicking the visualizer button next to the flow property – this opens the integrated Flow Visualizer. It creates a flow chart based on the current flow configuration.

The following example screenshot shows a part of an Authentication Flow from the Demo configuration:

Flow Visualizer - complex Flow snippet

The plugin allows zooming in and out using the mouse scroll wheel and the Ctrl button on your keyboard.

Flow Visualizer control panel

  • The Flow Visualizer features a control panel with the following buttons:
    • Flow Visualizer - ViewControlPanel
  • SVG/PNG image download.
    • -SVG – scalable vector format, with low file size.
    • -PNG – raster-based format with transparency at medium file size.
  • Vertical/Horizontal chart rendering.
  • Zoom out/Full view/Zoom in.

Flow chart shapes and icons

Icons in flow char shapes indicate a number of configuration characteristics of IAM flow steps:

Icon

Description

Flow Visualizer has condition

Indicates that the IAM flow step has a Condition configured.

Flow Visualizer hat skip condition

Indicates that the IAM flow step has a Skip Condition configured.

Flow Visualizer has tags on success

Indicates that the IAM flow step has one or more Tags On Success configured.

Known Limitation

Note that IAM step plugins may also issue flow tags in their logic (e.g. in the Risk Assessment Step). Such tags are not shown in the Flow Visualizer.

When you select a flowchart shape with a mouse click, the corresponding IAM flow step information is displayed in the detail column on the right.

Besides the small indicator icons, also the shapes, their outlines, colors, and the line styles of connecting lines have different meanings:

Rendering

Description

Flow Visualizer - Step that activates an optional step

  • Blue shapes indicate IAM flow steps, green shapes indicate selection steps and their selection options.
  • The dotted line around the green selection step indicates, that the step is only executed if it has been activated.
  • The dotted activates arrow indicates that the blue Cronto Authentication Step may activate the green Cronto Extra Device Activation Step.

Flow Visualizer - Optional step flow

The hexagon shape indicates that the IAM flow step is a selection step. It is followed by one or more green selection options.

Flow Visualizer - GoTo between flow

Connection lines

  • Arrows of the goto type indicate that a goto is configured from the originating to the target step. A goto allows jumping to arbitrary other steps.
  • Arrows of the activates type indicate that the originating step may activate the target step. The target step is only executed if activated.