PingAM 8.0.0

Suspend journey progress

Suspending journeys lets you save a user’s progress through an authentication tree, and later resume from the same point.

Any input provided during the journey is saved when the authentication tree is suspended, and restored when the authentication tree is resumed. This lets the authentication tree continue after closing the browser, using a different browser, or even on a different device.

When suspending an authentication tree, you provide the user with a URL they must visit to resume their journey. That URL contains a unique identifier for retrieving the saved progress, and can only be used once. These URLs are sometimes referred to as magic links.

The Email Suspend node supports suspended journeys.

Typical use cases include passwordless authentication, and email verification during progressive profile completion.

The following example lets a user authenticate if they have forgotten their username:

The example

After obtaining the user’s email address in the Attribute Collector node, the example tree attempts to identify the user. Then, the tree attempts to email the user, and suspends itself.

Note that both the True and False outcomes are mapped into the Email Suspend node to reduce potential data leakage. If the username is found, it is included in the email sent to the user, along with the link to use to resume the authentication tree.

When the user follows the link, the authentication tree resumes at the Inner Tree Evaluator node, which lets the user authenticate with their recovered username and credentials.

Configure suspended journeys

You can configure the maximum duration of a journey session so that resources can be freed up if the journey is not completed. You can also configure how long a journey session can be suspended.

You should set the maximum duration to the maximum time required to complete the journey. For example, if you’re sending an email, 10 minutes might be reasonable. The time allowed for suspending a journey must be the same as or less than the maximum duration of the journey session.

Maximum duration

The maximum duration can be set at different levels to provide greater control over the length of journey sessions.

AM determines which setting to apply to the journey session in the following order of precedence:

  1. The timeout settings in the Update Journey Timeout node.

  2. The maximum duration set for an authentication tree.

    Set the treeTimeout property in the tree configuration.

    Duration values set on inner trees are ignored.

    Learn more in Configure journey session duration in a tree.

  3. The maximum duration set in the realm.

    Go to Realms > Realm Name > Authentication > Settings > Trees > Max duration (minutes) to change the maximum duration.

    Learn more in Core authentication attributes.

  4. The maximum duration set globally for the AM site. The default is 5 minutes.

    Go to Configure > Authentication > Core Attributes > Trees > Max duration (minutes) to change the maximum duration.

    Learn more in Core authentication attributes.

Suspend duration

The suspend duration can be set at different levels to provide greater control over how long a journey session can be suspended.

AM determines which setting to apply to the journey session in the following order of precedence:

  1. The suspend duration set in a node:

  2. The suspend duration set in the realm.

    Go to Realms > Realm Name > Authentication > Settings > Trees > Suspended authentication duration (minutes) to change the suspend duration.

    Learn more in Core authentication attributes.

  3. The suspend duration set globally for the AM site. The default is 5 minutes.

    Go to Configure > Authentication > Core Attributes > Trees > Suspended authentication duration (minutes) to change the suspend duration.

    Learn more in Core authentication attributes.

Add suspended journeys to custom nodes

You can enable suspended journeys in your custom nodes using the suspend method.

Override the length of time a journey session can be suspended in minutes using the suspendDuration method.

Learn more in the Action class.