Account recovery journey

Strivacity provides two essential journeys that support customers in accessing their accounts when login information is forgotten: the password recovery and username reminder journeys. The following diagrams and detailed steps outline each process.

Username reminder

Username reminder journey

Username reminder journey

  1. Self-service initiation
    The customer selects the "Forgot your username?" link on the local identity input screen.
  2. Verification for username reminder availability
    This link will only appear if certain conditions are met:
    1. Username is set as an enabled identifier in the identity store.
    2. Username reminders are enabled in the self-service policy.
    3. A confirmed email and/or SMS target exists for the account.
  3. Sending username reminder
    Depending on the account setup, the system either:
    1. Sends an email with the username to the confirmed email address.
    2. Sends an SMS message with the username to the confirmed phone number.
  4. Returning to login
    Once the username reminder is sent, the customer is provided with an option to return to the login screen to continue with the login process.

Password reset

The password reset flow allows customers to securely reset their account password using self-service options. Here's a step-by-step explanation:

Password reset journey

Password reset journey

  1. Self-service initiation
    Customers start the password reset process by selecting the "Forgot your password?" link on the password screen, or an admin can initiate it on their behalf.
  2. Authentication options
    The system presents two methods for identity verification:
    1. Send email magic link: A link is emailed to the customer to reset the password.
    2. Send SMS OTP: A one-time password (OTP) is sent via SMS for verification.
  3. OTP challenge (if SMS is selected)
    Customers must complete the OTP challenge by entering the code received via SMS to proceed.
  4. Create a new password
    Once authenticated, customers are directed to a screen where they can create a new password.
  5. Passkey promotion (Optional)
    After successfully resetting the password, customers are encouraged to set up a passkey for enhanced security and seamless authentication in the future.
  6. Completion
    The flow concludes with a Back to Login button, allowing customers to return to the login page and access their account using the newly created password.

📘

For details on how identifier configuration in the identity store affects username reminders and password resets, see Identifier configuration effects.

Extensibility points

Strivacity's customer journeys have various points where custom Journey Builder workflows and Lifecycle Event Hooks can be inserted to extend the natively configured workflows. These extensibility points are triggered by various events that happen during the customer journey.

There are two types of hooks: synchronous, which pauses Strivacity’s workflow until the script completes execution, and asynchronous, which runs the script without interrupting the workflow.

In the account recovery journey, the following extensibility points are available:

Before password reset: This event is triggered immediately before the password reset process begins. It allows for custom validation and authentication checks before the user is permitted to set a new password. Synchronous hook.

Before password persist: This event is triggered immediately proper to the password persistence in external or internal databases, enabling custom validation and synchronization steps before persisting the new password. Synchronous hook.