Account Create policy

The Account Create policy enables users to create new accounts for themselves. This policy uses the ReCAPTCHA mechanism to verify the requests originate from a human and an Email OTP to ensure that a valid email address is being used.

  1. Ensure the prerequisites steps are completed.

  2. Configure the reCAPTCHA Verification mechanism.

  3. Configure the Email OTP delivery mechanism. From the local management interface go to...

      AAC > Policy > Authentication > Mechanism > Email One-time Password > Edit > Properties tab > SMTP server


HTML templates


JavaScript Mapping Rules


Create a new account workflow

The Account Create authentication policy enables users to create new accounts with the following workflow. The new accounts created under this workflow are of the type basic users.

  1. The user accesses https://<WebSEAL host>:<port>/mga/sps/authsvc?PolicyId=urn:ibm:security:authentication:asf:uscAccountCreate

  2. On this screen, the user is prompted to enter an email address and CAPTCHA.

    • The template page that is presented is authsvc/usc/account-create/collectEmail.html
    • The JavaScript that pre-populates the form and validates responses is USC_CreateAccount_CollectEmail

  3. On the next screen, the user is prompted to enter an OTP.

    • The OTP is delivered via Email.
    • The template page that is presented is authsvc/authentictor/macotp/login.html

  4. On the next screen, the user is presented with the enrollment form.

    • The template page that is presented is authsvc/usc/account-create/collectProfile.html
    • The JavaScript that pre-populates the form and validates responses is USC_AccountCreate_CollectProfile
    • The JavaScript that pre-populates the template and ends the policy is USC_CreateAccount_Success

  5. On the next screen, the account success page is presented.

    • The template page that is presented is authsvc/usc/account-create/success.html

Parent topic: User Self-Care operations