Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add documentation for the attribute uniqueness validation configuration #4911

Original file line number Diff line number Diff line change
Expand Up @@ -444,6 +444,14 @@ components:
description: Specifies if the claim will be prompted during user registration
and displayed on the user profile.
example: true
uniquenessScope:
type: string
description: Specifies the scope of uniqueness validation for the claim value.
enum:
- NONE
- WITHIN_USERSTORE
- ACROSS_USERSTORES
example: "NONE"
attributeMapping:
type: array
description: Userstore attribute mappings.
Expand Down
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,9 @@ To configure alternative login identifiers for your organization:

4. Click **Update** to save the changes.

{% if attribute_uniqueness_validation %}
!!! note
A consent prompt will appear if [uniqueness validation]({{base_path}}/guides/users/attributes/configure-unique-attributes/) is not already configured for the selected attribute(s). Without confirmation, the alternative login identifier configuration will not be applied.
{% endif %}

Upon successful configuration, the login and recovery user interfaces will update according to the defined login identifier attributes.
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{% include "../../../../../includes/guides/users/attributes/configure-unique-attributes.md" %}
7 changes: 7 additions & 0 deletions en/asgardeo/features.json
Original file line number Diff line number Diff line change
Expand Up @@ -17,5 +17,12 @@
"guides/authentication/sso-integrations/add-zoom-template.md",
"guides/authentication/sso-integrations/add-slack-template.md"
]
},

"attribute_uniqueness_validation": {
"enabled": true,
"page": [
"guides/users/attributes/configure-unique-attributes.md"
]
}
}
1 change: 1 addition & 0 deletions en/asgardeo/mkdocs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -305,6 +305,7 @@ nav:
- OIDC attribute mappings: guides/users/attributes/manage-oidc-attribute-mappings.md
- OIDC scopes: guides/users/attributes/manage-scopes.md
- SCIM2 attribute mappings: guides/users/attributes/manage-scim2-attribute-mappings.md
- Configure unique attributes: guides/users/attributes/configure-unique-attributes.md
- Manage user stores:
- Manage user stores: guides/users/user-stores/index.md
- Connect a remote user store: guides/users/user-stores/configure-a-user-store.md
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -448,6 +448,14 @@ components:
description: Specifies if the claim will be prompted during user registration
and displayed on the user profile.
example: true
uniquenessScope:
type: string
description: Specifies the scope of uniqueness validation for the claim value.
enum:
- NONE
- WITHIN_USERSTORE
- ACROSS_USERSTORES
example: "NONE"
attributeMapping:
type: array
description: Userstore attribute mappings.
Expand Down
16 changes: 16 additions & 0 deletions en/identity-server/next/docs/apis/restapis/claim-management.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1102,6 +1102,14 @@ components:
description: Specifies if the claim will be prompted during user registration
and displayed on the user profile.
example: true
uniquenessScope:
type: string
description: Specifies the scope of uniqueness validation for the claim value.
enum:
- NONE
- WITHIN_USERSTORE
- ACROSS_USERSTORES
example: "NONE"
attributeMapping:
type: array
description: Userstore attribute mappings.
Expand Down Expand Up @@ -1158,6 +1166,14 @@ components:
description: Specifies if the claim will be prompted during user registration
and displayed on the user profile.
example: true
uniquenessScope:
type: string
description: Specifies the scope of uniqueness validation for the claim value.
enum:
- NONE
- WITHIN_USERSTORE
- ACROSS_USERSTORES
example: "NONE"
attributeMapping:
type: array
description: Userstore attribute mappings.
Expand Down
Binary file not shown.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Original file line number Diff line number Diff line change
@@ -1,43 +1 @@
# Configure unique attributes

{{product_name}} can be configured to retain the uniqueness of user attributes. This allows you to keep a user attribute value as a unique value within or across all userstores.

Follow the steps below to configure:

1. Open the `deployment.toml` file in the `<IS_HOME>/repository/conf` folder and add the following configurations.

``` toml
[identity_mgt.user_claim_update.uniqueness]
enable = true
scope_within_userstore = false # Optional.
```

!!! note
To keep the uniqueness within a userstore, set `scope_within_userstore` as `true`.

2. Restart the {{product_name}}.
3. On the {{ product_name }} Console, go to **User Attributes & Stores** > **Attributes**.
2. Click **Attributes** to see the list of attributes.
3. Click **Edit** for the attribute you want to update.
4. Go to the **Additional Properties** tab and add the following property to configure the attribute's uniqueness.

<table>
<thead>
<tr class="header">
<th>Property Name</th>
<th>Property Value</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td>isUnique</td>
<td>true</td>
</tr>
</tbody>
</table>

![additional-properties]({{base_path}}/assets/img/guides/users/additional-properties.png){: width="600" style="display: block; margin: 0; border: 0.3px solid lightgrey;"}

6. Finally, click `+` button and `Update` to save the additional property.

You can now verify the functionality by attempting to add users with an existing attribute value or updating the user attribute value of an existing user.
{% include "../../../../../../includes/guides/users/attributes/configure-unique-attributes.md" %}
31 changes: 31 additions & 0 deletions en/includes/guides/users/attributes/configure-unique-attributes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# Configure unique attributes

User attributes can be configured to be unique. This setting determines the scope within which users must have a unique value for a given attribute.

Follow the steps below to configure the uniqueness of user attributes:

{% if product_name == "WSO2 Identity Server" and is_version != "7.0.0" %}
1. Open the `deployment.toml` file in the `<IS_HOME>/repository/conf` folder and add the following configurations.

```toml
[identity_mgt.user_claim_update.uniqueness]
enable = true
```

2. Restart {{product_name}}.
{% endif %}

3. On the {{ product_name }} Console, go to **User Attributes & Stores** > **Attributes**.
4. Under **Manage Attributes**, click **Attributes** to see the list of attributes.
5. Click the **Edit** icon corresponding to the attribute you want to update.
6. In the **General** tab of the attribute, select one of the following scopes from the **Uniqueness Validation** dropdown.

- **None**: No validation is applied. Users can have duplicate values for the selected attribute.
- **Within User Store**: Users within the same user store cannot have duplicate values for the selected attribute. However, users in other user stores may have duplicates.
- **Across User Stores**: Attribute values are unique across all user stores preventing duplicates throughout the organization.

![additional-properties]({{base_path}}/assets/img/guides/users/configure-attribute-uniqueness-validation.png){: width="600" style="display: block; margin: 0; border: 0.3px solid lightgrey;"}

7. Click **Update** to save the changes.

You can now verify the functionality by attempting to add users with an existing attribute value or updating the user attribute value of an existing user.