Step
Steps are comparable to pages in a form, where each step includes sections that focus on a specific area. By linking steps, one can create highly customizable IAM solutions.
Creating a step
A step is represented by a json object. Steps can be loaded from one json file or multiple files. Recommended setup is to keep each step in a single file. This will simplify configuration and overview.
Text shown in browser tab. Overrides overlay.
Forms - Fortified ID
Sort order of step. Omitting will result in undetermined execute order.
N/A
Used as a robot mitigator. How long before a step is allowed to be posted back to the server. Format conforms to https://en.wikipedia.org/wiki/ISO_8601
0
Favicon for this step.
Internal FortifiedID icon
Same as Flow but can override in a step
Empty array[]
List if controls for this step
N/A
Pipe to be executed moving to next step.
N/A
Same as for flow but can override in a step.
See Flow
Enable or disable this step.
true
Predicate expression controlling if step should be included or not.
"true"
Example step to create a user.
{
"controls": [
{
"id": "top_text_label",
"type": "Markdown",
"data": "# Create an Active Directory user \nEnter information about the user you want to create."
},
{
"id": "givenName",
"type": "Input",
"ui": {
"ui:size": {
"md": 6
}
},
"schema": {
"format": "strict"
},
"config": {
"type": "string",
"required": true
}
},
{
"id": "sn",
"type": "Input",
"ui": {
"ui:size": {
"md": 6
}
},
"schema": {
"format": "strict"
},
"config": {
"type": "string",
"required": true
}
},
{
"id": "mail",
"type": "Input",
"ui": {
"ui:size": {
"md": 6
}
},
"schema": {
"format": "email"
},
"config": {
"type": "string",
"required": true
}
},
{
"id": "mobile",
"type": "Input",
"ui": {
"ui:size": {
"md": 6
}
},
"schema": {
"format": "phone"
},
"config": {
"type": "string"
}
},
{
"id": "chooseRole",
"type": "ValuePicker",
"ui": {
"ui:size": {
"md": 6
}
},
"config": {
"required": false,
"options": [
{
"title": "Human Resources",
"value": "hr"
},
{
"title": "Sale",
"value": "sale"
},
{
"title": "IT",
"value": "it"
},
{
"title": "Engineering",
"value": "engineering"
}
]
}
},
{
"id": "adUserFindManager",
"type": "ActiveDirectorySingleSelect",
"ui": {
"ui:size": {
"md": 6
}
},
"config": {
"attributes": [
"cn"
],
"namespace": "${globals.ldap1_name}",
"base_dn": "${globals.ldap1_flows_search_user_dn}",
"scope": "SUB",
"pre_filter": "(distinguishedName={{flow.manager}})",
"filter": "(cn={{search_query}})",
"value_key": "distinguishedName",
"display_key": "cn"
}
}
]
}Example step to edit and find users.
Example with all main properties.
Pipe execution
If configured, execution of a pipe is done with all data available to the step. This means data will vary depending on what step is executed.
Data from all previous executed steps will be sent to pipe and accessed in pipes using {{request. pattern.
Returning from pipe execution
In order to be able to access any data returned from a pipe, return a single item in a pipe.
Data will available using {{flow.xxx}} pattern.
Skipping execution
A step can be enabled/disabled using the "enabled" flag. Both the page user interface and the pipe-execution is disabled if this flag is false.
Skipping execution conditionally
You can also enable/disable a step conditionally using the "include_expr"-expression (an expression that returns true or false). If the expression is evaluated to true, the step is included, otherwise skipped.
The actual filter is an ECMA-script (JavaScript) that MUST evaluate to true, false or to a boolean function returning true or false.