The document discusses two features in WSO2 IS: 1) Multi Attribute Login, which allows users to login with attributes other than username such as email or mobile number; and 2) User Claim Uniqueness Management, which keeps user claim values unique across the user store. It describes how multi attribute login works by checking the login attribute against the user's claims, and provides steps to enable both features.
2. Multi Attribute Login Feature
This is to allow users to login with preferred attributes such as email, username,
mobile etc. without restricting the login attribute to the username.
2
User Claim Uniqueness Management Feature
This is to keep user claim value as a unique value in user Stores.
3. Why we need Multi Attribute Login?
3
● To allow user login with another attribute other than username.
● To allow user login with a selected attribute from a given list.
● To allow updating the login identifier.
6. 6
Login enabled
Claim URI set
User input
(login Identifier)
Get
Claim
from
URI
If claim not
available
Get
Claim
Regex
pattern
If regex is
empty
Regex
pattern
match
with the
input
If not
match
Search
users by
claim
URI and
user
Input
If user
count not
equal to
one
UserStores
If “for" is loop
over
Terminate the sign-in process
(Login Failed)
Start
Continue the login flow with
resolved user
7. Steps to Enable Multi Attribute Login Feature
7
1. Start the Identity Server and log into management console.
2. Enable multi attribute login feature
Click Resident under Identity Providers found in the Main tab.
Expand the Account Management tab(If you are using Identity Server
5.10, this feature is under the Login Policies). Then expand the Multi
Attribute Login tab and select the Enable Multi Attribute Login
checkbox.
1. Insert claim URIs in the given textbox as a comma separated array.
2. Add Regex pattern for each entered claim under the claim edit window and
enable claim uniqueness feature.
8. 8
Steps to Enable Claim Uniqueness Management Feature
1. Add following config in to deployment.toml file and restart the server.
1. Choose a claim that should be kept as unique from claim list and click "Edit".
2. Then click “Add Claim Property” under “Additional Properties”.
3. Add following new claim property and then save changes.
[[event_listener]]
id = "unique_claim_user_operation_event_listener"
type = "org.wso2.carbon.user.core.listener.UserOperationEventListener"
name =
"org.wso2.carbon.identity.unique.claim.mgt.listener.UniqueClaimUserOperationEventL
istener"
order = 101
enable = true
Property Name
Property Value
isUnique true