Advanced Identity Cloud

Legacy Social Provider Handler node

This node takes a provider selection from the Select Identity Provider node and attempts to authenticate the user. The node collects relevant profile information from the provider, transforms the profile information into the appropriate attributes and returns the user to the journey.

This node is deprecated and therefore marked as legacy. A new Social Provider Handler node with additional outcomes will be available in an upcoming release.

Implement this node with the Select Identity Provider node to use the Social Identity Provider Service.

Compatibility

Product Compatible?

Advanced Identity Cloud

Yes

PingAM (self-managed)

Yes

Ping Identity Platform (self-managed)

Yes

Outcomes

Account exists

Social authentication succeeded, and a matching PingOne Advanced Identity Cloud account exists.

No account exists

Social authentication succeeded, but no matching PingOne Advanced Identity Cloud account exists.

Properties

Property Usage

Transformation Script (required)

This script is used after the configured provider’s normalization script has mapped the social identity provider’s attributes to a profile format compatible with AM. The transformation script then transforms a normalized social profile to a managed object.

Select Normalized Profile to Managed User (default), or your own script that you have created to transform the profile to a managed object.

To view the scripts and bindings, refer to normalized-profile-to-managed-user.js.

Normalization scripts (<Identity provider>-profile-normalization.*) are not suitable for this purpose.

Username Attribute

The attribute in the underlying identity service that contains the username for this object.

Client Type

Specify the client type you are using to authenticate to the provider.

Use the default, BROWSER, with ForgeRock-provided user interfaces or the Ping SDK for JavaScript. This causes the node to return the RedirectCallback.

Select NATIVE with the Ping SDKs for Android or iOS. This causes the node to return the IdPCallback.

Store Tokens

When true, the node stores access and refresh tokens in the transient state for use by subsequent nodes in the journey.

In some cases, the social provider requires these tokens, for example, to revoke user authorization. If you choose to store tokens, you can configure a Scripted Decision node later in the journey to handle your social provider use case.

Default: false