User Orchestration Using Authentication Actions
User-friendly and secure authentication is essential to keep users happy and protected. Authentication Actions empower you to create customizable flows to find the right balance between security and a seamless login experience.
What Are Authentication Actions?
Authentication Actions allow you to orchestrate what happens after the credentials are verified but before the session is committed. In other words, the user has been validated, but the system hasn't yet produced an authenticated session, which can later be used for Single Sign-On, etc. Actions are executed in the configured order - they can be chained - and depend on each other. They can look up information in databases, prompt the user for more information, or run other activities to ensure proper authentication and a secure login.
Action Bundles
This is a new way to work with Authentication Actions, where entire flows can be configured with only a few simple steps. Actions are bulding blocks and Action bundles are buildings, they provide recipes for well known patterns, with the full power of customizability.
Read more about Action Bundles
Auto Link Account
Creates a link between a foreign incoming account from the authenticator to the local account.
Changed Country
When a user changes countries, take additional measures.
Copy Attribute
Duplicate some attribute of the user or the current login context
Data Source
Directly transform values coming various data sources.
Date/time-based
Restrict access before/after a certain time or only during particular hours.
Deny
Prevent authentication or SSO from completing based some criteria
Impossible Journey
If a user travels an impossible distance in a given time span, take extra precautions.
JavaScript
Write small JavaScripts that transform data in the authentication context.
Lookup Account
Fetch users' account details from any underlying datasource
Lookup Linked Accounts
Finds all associated links for a local account.
Multi-factor Condition
Run additional authenticators depending on the context of a specific user log-in.
Multi-region Transfer
Detect the region a user is attempting to login from (e.g., the US, Europe, etc.) and redirect them to the appropriate one.
New Country
Take action if a user logs in from a new country.
Regex
Create regex-expressions that transforms names and values during the authentication process.
Remove Attribute
Allows you to remove one (or many) of the incoming attributes at authentication.
Request Acknowledgement
Ensure that users accept certain terms and conditions before login
Require Attribute
Checks the subject attributes, and if a required attribute is not found, the user will be prompted to fill the missing attributes.
Reset Password
Prompts the user to update their password.
Resolve Linked Account
Replace a foreign username/domain used at login with a linked username.
Selector
Present the user with a list of choices that they must select during authentication or SSO
Send Email
Send an email under certain conditions (e.g., when logging in from a new country or computer)
Sequence
Combine a number of actions and represent them as a single action, allowing you create more complex flows.
Set Attribute
Set an attribute for a user or the context in which they're authenticating to a particular value
Switch
Create workflows and execute different actions based upon on conditions.
Update Account
Update the user's account whenever certain criteria are met
See Curity Identity Server in action
In this demo, we give you a comprehensive overview of the Curity Identity Server. What it is and what problems it helps you solve.
Watch DemoNext steps
Ready to modernize IAM?
Start Today - Build security and improve ease of use to stay ahead of the competition.
