IBM Verify

 View Only

 Re-initiate authentication flow after password reset

Jump to  Best Answer
Sahan Thilina's profile image
Sahan Thilina posted Thu April 17, 2025 02:06 AM

Hi all,

We are using two authentication policies for login. For the first time login we are triggering a force password reset flow after the successful authentication of both policies. Is it possible to re-initiate the authentication flow from beginning after the password reset?

Thanks in advance.

Tushar Prasad's profile image
Tushar Prasad posted Fri May 02, 2025 11:55 PM  Best Answer

1.

get the url like this

var url = context.get(Scope.REQUEST, "urn:ibm:security:asf:request:parameter", "URL");

2.then you can set in the beginning of the rule

if(url != null){

state.put("URL", url);

}

later you can in any mapping rule fetch this using

var url=state.get("URL");

This is just a snippet , you can refine as you would like .

Tushar Prasad's profile image
Tushar Prasad posted Thu April 17, 2025 08:47 AM

Hi Sahan

Are you not able to make use of Branching Authentication Policies

https://www.ibm.com/docs/en/sva/11.0.0?topic=configuration-branching-authentication-policies

Sahan Thilina's profile image
Sahan Thilina posted Thu April 17, 2025 11:56 PM

Hi Tushar,

We could re-add the old branches again under the 3rd step, however we wanted to check if there's a more standard approach to just reset the authentication and send the user through the already existing authentication mechanism. Adding a bit more info below on the current setup,

#First Authentication
local-response-redirect-uri = [login] /mga/sps/authsvc?PolicyId=urn:ibm:security:authentication:asf:AA_userPass
 
#MFA

(Image attached)

Attachment  View in library
Branches_Edited.PNG 18 KB

Related Content