Skip to content

Account Pending Status

This feature places users in a pending status when the process of self registration, email verification or ask password has been initiated and the confirmation mail has been sent, but the email has not been verified yet. The status claim will be set depending on the flow.

Note

With this improvement, in all these three features, self-registration, email verification and ask password, once a confirmation email is sent, the users will be moved to a pending state. The status claim will be set depending on the flow.

Adding accountState claim

In order to keep track of the users’ account states, an identity claim (http://wso2.org/claims/identity/accountState) is introduced. This stores the users’ account states. This claim is added by default to Identity Server from IS5.9.0

Refer this documentation on how to add claim mapping with MWARE IAM.

AccountState should be a readOnly claim. It cannot be updated even by the admin user. In the older IS versions before IS5.7.0, Identity Server used to send two mails upon user self registration, ask password and email verification if Account Lock feature is also Enabled. - Confirmation mail - Account Lock mail

With this improvement, these flows will only send a confirmation mail if the accountState claim is engaged and the user is in PENDING state (PENDING_AP, PENDING_EV, PENDING_SR, PENDING_LR). Once the user confirms the email, the state will be moved to UNLOCKED.

This account status can have the following values.

1. LOCKED
2. PENDING_AP
3. PENDING_EV
4. PENDING_SR
5. PENDING_LR
6. DISABLED
7. UNLOCKED

Find the description of the status

State Description
LOCKED Account is locked and not disabled.
PENDING_AP Ask password email is sent and the email is not verified
PENDING_EV Email Verification email is sent and the email is not verified
PENDING_SR Self registration email is sent and the email is not verified yet
PENDING_LR Lite User registration email is sent and the email is not verified yet
DISABLED Account is disabled
UNLOCKED Account is neither disabled nor locked
Top