Environment variables

In this article, we provide a comprehensive overview of the environment variables used in Strivacity. These variables, which include native claims, local variables, and context variables, play a crucial role in configuring and customizing authentication journeys. Understanding these variables will enable you to effectively manage customer data and streamline your security policies.

Native claims

Native claims represent how customer data is expressed within Strivacity. This is a layer of abstraction that allows account attributes to be associated with dialects or mappings. They ensure consistent and accurate data handling across different components of the authentication journey.

Functions:

Set up native claims within identity stores to correspond with account attributes.
Synchronize claims from social login or enterprise login providers with account attributes through native claims in Claim Mapping.
Define local variables to pass back to the Lifecycle Event Hook, enabling custom logic or actions based on the outcome of the authentication journey in the Journey Builder exit success or exit failure steps.
Configure multi-branch workflows based on conditional rules written against native claim values in the Journey Builder condition step.
Persist customer input or data collected during the authentication journey to account attributes via native claims in the Journey Builder persist data step.
Define targeting based on native claims in A/B testing.
Incorporate native claims into email templates within notification policies to include relevant account attributes automatically.
Collect verified customer data in account attributes via native claims during the identity verification data collection step in an identity verification policy.

Local variables

Local variables are temporary data points created during an authentication journey. These variables store transient information, such as customer input or identity verification results, and are used to facilitate dynamic decision-making and customization throughout the authentication process.

Functions:

Map local variables to native claims in the Journey Builder input step.
Configure multi-branch workflows based on conditional rules written against local variables in the Journey Builder condition step.
Persist customer input or data collected from local variables during the authentication journey in the Journey Builder persist data step.
Define local variables to pass back to the Lifecycle Event Hook, enabling custom logic or actions based on the outcome of the authentication journey in the Journey Builder exit success or exit failure steps.

Context variables

Context variables are data points that capture the state and details of the current authentication session. These variables include information about the customer's session, device, and environmental conditions, enabling customized and context-aware decision-making throughout the authentication journey.

Functions:

Configure multi-branch workflows based on conditional rules written against session context variables in the Journey Builder condition step or Lifecycle Event Hooks.
Persist customer input or data collected from context variables during the authentication journey in the Journey Builder persist data step.
Define context variables to pass back to the Lifecycle Event Hook, enabling custom logic or actions based on the outcome of the authentication journey in the Journey Builder exit success or exit failure steps.
Define targeting based on context variables in A/B testing.
Build custom logic in Lifecycle Event Hooks with the use of context variables.

Available context variables

Within the Journey Builder and A/B testing:

Context variable	Definition
application.name	The name of the application.
application.client_id	The unique identifier of the client.
application.application_id	The unique identifier of the application.
location.ip_address	The public-facing IP address of the customer’s device.
location.anonymous_proxy	Indicates whether the location belongs to an anonymous proxy or Tor browser.
location.location	The main object representing the entire geographical feature, encapsulating all metadata about a location as defined by GeoJSON standards.
location.location.type	Defines the kind of geographical shape, like a point, line, or area, that represents the location.
location.location.geometry.type	Specifies the type of shape used for the location, such as a single point or a larger area like a polygon.
location.location.geometry.coordinates	Lists the exact positions (like latitude and longitude) that describe where the location is on a map.
location.location.properties	Contains additional properties or metadata about the location, such as names, descriptions, or other contextual details that provide further information about the geographical feature.
oidc_context.ui_locales	Specifies the preferred user interface locales (languages) as requested during the OIDC authentication process.
oidc_context.acr_values	Lists the requested Authentication Context Class References (ACR) during the OIDC authentication process, which indicate the desired authentication strength or method (e.g., multi-factor authentication).
oidc_context.login_hint	Provides a hint to the authentication server about the customer’s identity, often used to pre-fill the username field or direct the customer to a specific authentication method.
saml_context.subject.name_id	Represents the unique identifier of the subject (customer) in a SAML authentication request, used to match the customer across systems during authentication and authorization.
store	The identifier of the identity store containing the customer.
language	The language preference set for the session or customer.
customer.last_login.location	The location associated with the customer’s last login.
customer.last_login.ip	The IP address used during the customer’s last login.
customer.created_at	The date and time when the customer’s account was created.
customer.last_login.time	The date and time of the customer’s last login.
customer.number_of_logins	The total number of logins by the customer.

Within Lifecycle Event Hooks:

Variables that can be found in most hooks:

Context variable	Definition
application	An object that represents the context of the application involved in the authentication process.
application.name	The name of the application.
application.client_id	The unique identifier of the client.
application.application_id	The unique identifier of the application.
oidc_context	An object that represents the context of an OIDC authentication request.
oidc_context.ui_locales	Specifies the preferred user interface locales (languages) as requested during the OIDC authentication process.
oidc_context.acr_values	Lists the requested Authentication Context Class References (ACR) during the OIDC authentication process, which indicate the desired authentication strength or method (e.g., multi-factor authentication).
oidc_context.login_hint	Provides a hint to the authentication server about the customer’s identity, often used to pre-fill the username field or direct the customer to a specific authentication method.
saml_context	An object that represents the context of a SAML authentication request.
saml_context.subject	Represents the subject (customer) involved in a SAML authentication request, containing attributes and identifiers used to authenticate and authorize the customer across systems.
saml_context.subject.name_id	Represents the unique identifier of the subject (customer) in a SAML authentication request, used to match the customer across systems during authentication and authorization.
customer	An object that represents the customer’s context within the authentication session.
customer.location	An object representing the geographical context of the customer.
customer.location.anonymous_proxy	Indicates whether the location belongs to an anonymous proxy or Tor browser.
customer.location.location	Encapsules all metadata about a location as defined by GeoJSON standards.
customer.store	The identifier of the identity store containing the customer.
customer.info	An object containing metadata about the customer based on account attributes stored in the identity store.
customer.info.id	The identifier of the customer.
customer.language	The language preference set for the session or customer.
customer.groups	Groups to which the customer belongs.
customer.consents	The consents provided by the customer.
customer.account_proofings	Records of the passed and failed identity verification processes associated with the customer’s account.
customer.organization	Organizations to which the customer belongs.
customer.organization.id	The unique identifier of the customer’s organization.
customer.roles	The roles assigned to the customer.
customer.ip_addresss	The public-facing IP address of the customer’s device.
customer.last_login	The location associated with the customer’s last login.
session	An object used within an event hook to store and manage data throughout the lifecycle of a session. It enables communication and data sharing between different event hooks, allowing hooks to interact and pass information throughout the session.

Variables in blocking hooks:

Context variables	Definition
continue_context	A collection of processed query parameters returned by the continue API, capturing the data passed back when a continuation flow is invoked.
continue_request_parameters	An object that represents the parameters associated with a continuation request.
continue_request_parameters.callback_url	A URL endpoint that specifies where the customer should be redirected after completing a particular action or step in a continuation flow, such as authentication.
continue_request_parameters.state	A unique value that maintains the state of the request between the client and the authentication server.
journey_result	Contains the outcome of a journey as defined by the configured exit step. It includes a 'result' field indicating success or failure based on the exit step type, and 'returnValues', which are key-value pairs specified in the applied exit step.