Configure Claims¶
By default, identity claim values are stored in the JDBC datasource
configured in the deployment.toml file. If needed, you
can configure MWARE IAM to store the claim values in another user store as
well.
-
Open the
<IS_HOME>/repository/conf/deployment.tomlfile and add the following configuration to change thedata_storeproperty value toUserStoreBasedIdentityDataStore.[event.default_listener.governance_identity_mgt] priority= "95" enable = true [event.default_listener.governance_identity_store] priority= "97" enable = true data_store = "org.wso2.carbon.identity.governance.store.UserStoreBasedIdentityDataStore" -
Map the identity claims mentioned below to attributes in the underlying user store.
Info
Learn more about adding claim mapping.
-
http://wso2.org/claims/identity/accountLocked: This claim is used to store the status of the user's account, i.e., if it is locked or not. -
http://wso2.org/claims/identity/unlockTime: This is used to store the timestamp that the user's account is unlocked. -
http://wso2.org/claims/identity/failedLoginAttempts: This is used to track the number of consecutive failed login attempts. It is based on this that the account is locked.
-
Related topics