Lookup Account

The lookup account authentication action uses the current subject attributes to lookup an account on an account manager and then adds it to the action’s output attributes. The name of the input subject attribute to use for the lookup is configurable, as well as the lookup criteria (e.g. username, email, phone number). If an account is found, the account information is added to an account attribute on a configurable location (e.g. subject attributes, context attributes, or action attributes).

Configuration Mandatory Description
account-manager yes The account manager that will be used to retrieve the user’s account attributes from the datasource.
abort-authentication-if-user-not-found no If true, the action plugin aborts the authentication flow if the looked up user is not found in the underlying datasource. Defaults to false.
source-attribute-name no The subject attribute to be used by the lookup method for searching the user. Default is subject.
lookup-method no The method to be used for looking up the user. Supported methods are by-username, by-email, by-phone. Default is by-username.
attribute-location no The location where the looked-up account attributes should be added. Supported locations are subject-attributes, context-attributes, action-attributes. Default is subject-attributes.

This action is open source and the code can be found on the action’s GitHub project page.