However, I don’t see an option for Self-Service Account Unlock.
Question
Am I missing something? Where should the self-service account unlock option appear?
If I misunderstood how this feature is supposed to work, please let me know. I’d really appreciate it if you could point me in the right direction—either where this feature should show up or how to enable it properly.
I believe this requires additional integration configuration.
When I try to enable these features, getting following warning message, I am curious you didn’t get pop like this? “warnings indicating that certain self-service functionalities for end-users are not fully configured and thus will not work.”
Potential Problems Detected:
The Following potential problems were detected, click OK to save or Cancel.
*There are no integrations configured that can unlock account. You must configure at least one before using Account Unlock.
*There are no pass through applications configured. You must configure at least one before using Forgot Password.
We need to configure the provisioning policies:
open your application – > Configuration – > Provisioning Policies
here you can find option to configure/add policies
When I dig further, I found an option to unlock the account:
Manage Identity – View Identity – Accounts – under Actions column
click on the actions column three lines icon you will find unlock option.
I have enabled couple of options from Global Settings – Login Configuration – Login settings & user reset (enable forgot password)
the use cases I have tested and my observation:
when end user first attempt to log in it is prompting to reset the password and security questions to unlock the account.
When I try to enter the wrong password for 5 times , the account has been locked as per settings.
now login with admin user – manage identity – view identity – search for the locked account identity – > Click on Manage
Here I observed locked account and there is an option to unlock icon on the profile itself, I click on it, account has been unlocked.
not sure whether these use cases are relevant to your self service unlock account.
Hi @fewthiraphat you can navigate to Global Settings → Login Configurations → Login Settings → Pass Through Application.
In the Pass Through Application option, select the application that is used by IdentityIQ to provide login accounts. You will also find a few additional options to configure here.
Once done, log out as the user. On the login UI page, you should see the Unlock Account option.
I’m pretty sure not all application definitions have the unlock functionality as an operation. If you are using a delimited file you usually don’t ‘lock’ an identity in a delimited file.
How are you defining the lock status in the application definition?
Hi @karena, thank you I tried, and now I got the Unlock Account showing right now, but i think it still not match with my requirement, I want it show on the Manage Account in each account per application.
Hi @karena, I defined it on the application object in the debug page, I added UNLOCK into featuresString, so the the moment I got the Unlock feature in Manage Account, but I agreed with you it can not ‘Unlock’ with Delimited Application.
Hi @pattabhi, Thank you for your advise, I tried it and it works, even still not match with my requirement, but this is quite useful, thank you again for your sharing
