Previous Topic: Sample Self-Registration HandlerNext Topic: Writing a Custom Forgotten Password Handler


Logical Attribute Handler: Forgotten Password

CA IdentityMinder provides a Forgotten Password task that lets you reset or retrieve a password. You can respond to one or more verification questions at run time, or select questions from a predefined list.

When you initiate the Forgotten Password task, CA IdentityMinder does the following:

  1. Displays an Identify screen. The user enters an ID.
  2. The Forgotten Password Search Handler looks up the user. If the user is found, the task enters the verification stage. If no user is found, an error message is displayed, and the user can try again. An administrator can configure limits on failed or successful attempts.
  3. For verification, the Forgotten Password Search Handler invokes the Forgotten Password Handler, which converts the defined physical attributes to logical ones.
  4. The Forgotten Password handler also presents at least one verification question. The Forgotten Password Search Handler validates the answer and checks for success based on task configuration.
  5. The Forgotten Password Search Handler invokes the Forgotten Password Handler as many times as necessary, if more verification questions are configured.
  6. After the criteria for success have been met, control passes to the tabs configured for the task. Depending on the configuration, the user can reset the password. Alternatively, CA IdentityMinder can issue a temporary password (which is typically displayed), or it can be sent by email to the user.