This repository hosts the Gluu Agama-Registration project, which provides a user registration form and authentication functionality. It streamlines the user onboarding process with secure authentication flows.
The project can be deployed to any IAM server that runs an implementation of the Agama Framework like Janssen Server and Gluu Flex.
Different IAM servers may provide different methods and user interfaces from where an Agama project can be deployed on that server. The steps below show how the Agama-Registration project can be deployed on the Janssen Server.
Deployment of an Agama project involves three steps
- Downloading the
.gamapackage from project repository - Adding the
.gamapackage to the IAM server - Configure the project
Tip
Skip this step if you use the Janssen Server TUI tool to
configure this project. The TUI tool enables the download and adding of this
project directly from the tool, as part of the community projects listing.
The project is bundled as
.gama package.
Visit the Assets section of the
Releases to download
the .gama package.
The Janssen Server provides multiple ways an Agama project can be deployed and configured. Either use the command-line tool, REST API, or a TUI (text-based UI). Refer to Agama project configuration page in the Janssen Server documentation for more details.
Agama project accepts configuration parameters in the JSON format. Every Agama project comes with a basic sample configuration file for reference.
Below is a typical configuration of the Agama-Registration project. As show, it contains configuration parameters for the flows contained in it:
{
"org.gluu.agama.registration.main": {
}
}
Check the flow detail section for details about configuration parameters.
Use any Relying party implementation (like jans-tarp) to send registration request that triggers the flow.
From the incoming registration request, the Janssen Server reads the ACR
parameter value to identify which authentication method should be used.
To invoke the org.gluu.agama.registration.main flow contained in the Agama-Registration project,
specify the ACR value as agama_<qualified-name-of-the-top-level-flow>,
i.e agama_org.gluu.agama.registration.main.
Fork this repo to start customizing the Agama-Registration project. It is possible to customize the user interface provided by the flow to suit your organization's branding guidelines. Or customize the overall flow behavior. Follow the best practices and steps listed here to achieve these customizations in the best possible way. This project can be reused in other Agama projects to create more complex authentication journeys. To reuse, trigger the org.gluu.agama.registration.main flow from other Agama projects.
To make it easier to visualize and customize the Agama Project, use Agama Lab.
List of the flows:
The main flow of this project is org.gluu.agama.registration.main .
In step one, the user enters their basic information, including userName, displayName, firstName, lastName, email, and password, which the IDP checks to determine if the user is already registered. If the user is not registered, their details are saved in the database, and a success response is returned. A new acknowledgment page is then displayed, and upon clicking "Continue," the flow is completed, redirecting the user to the Relying Party.
A basic diagram to understand how the agama-registration works.
sequenceDiagram
title Agama-Registration flow
participant User
participant RP
participant IDP
participant DB
User->RP:New user try to access RP
RP->IDP:Registration form
IDP->>IDP:check if user with same email already exists
IDP->>User:User already registered try again
IDP->DB:If user not exist then save as a new user
IDP->RP:Complete registration and back to RP