WSO2 CIAM User Lifecycle

End-to-end Identity Lifecycle Management for your Customers

Johann Dilantha Nallathamby
Mar 4, 2021

This is for those of you who want to understand the WSO2 CIAM User Lifecycle in detail.

Points to keep in mind for Readers

1. This diagram is a state diagram; NOT a “flow chart” diagram. Therefore it doesn’t show you the different workflows that trigger the state transitions. The next step would be to come up with a flow diagram as well for this state diagram, to see the full picture.

2. This diagram illustrates an “ideal” user lifecycle based on WSO2 CIAM’s current identity management features. It does not necessarily mean that all the transitions mentioned here are currently possible with the out-of-the-box capabilities of the product; a few of them may need customizations. I’ve given priority to making the lifecycle as complete as possible.

3. The guard conditions specify the “overall effective policy for that particular instance of the workflow” in the Identity Server — not any specific configuration either in a file, or Resident IdP, etc. It could be an evaluation of multiple underlying variables. It could even include user preferences (claims); which means the condition evaluations can result in either true or false depending on the specific user profile as well and not just the product or application configuration.

4. Detailed substates within certain states, such as pending confirmation of an email verification link or challenge questions being partially answered (2 out of 3), have been omitted.

5. Email addresses and mobile numbers have been considered as first class verifiable claims.

6. MFA Enrolment has only been considered as a generic state transition; it does not show the different types / multiplicity it may have.
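To make point 3 concrete, here is an added example (not WSO2 code and not taken from the diagram) of guards evaluated as an effective policy over server defaults, application overrides and user claims. The state names, event names and configuration keys are hypothetical, chosen only for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Context:
    """Inputs a guard may read. All keys are hypothetical, not WSO2 settings."""
    server: dict = field(default_factory=dict)   # server-wide defaults
    app: dict = field(default_factory=dict)      # per-application overrides
    claims: dict = field(default_factory=dict)   # user profile claims / preferences

def effective(ctx, key):
    """Application value overrides the server default; unset means False."""
    return bool(ctx.app.get(key, ctx.server.get(key, False)))

def must_verify_email(ctx):
    return effective(ctx, "verify_email") and not ctx.claims.get("email_verified", False)

def must_enrol_mfa(ctx):
    # Policy can force MFA, or the user can opt in through a claim.
    wanted = effective(ctx, "mfa_required") or ctx.claims.get("mfa_opt_in", False)
    return wanted and not ctx.claims.get("mfa_enrolled", False)

# (source state, event, guard, target state); constructed for illustration.
TRANSITIONS = [
    ("REGISTERED", "activate", must_verify_email, "PENDING_EMAIL_VERIFICATION"),
    ("REGISTERED", "activate", lambda c: not must_verify_email(c), "ACTIVE"),
    ("PENDING_EMAIL_VERIFICATION", "email_confirmed", lambda c: True, "ACTIVE"),
    ("ACTIVE", "login", must_enrol_mfa, "PENDING_MFA_ENROLMENT"),
    ("ACTIVE", "login", lambda c: not must_enrol_mfa(c), "ACTIVE"),
]

def next_state(state, event, ctx):
    """Return the single target whose guard holds; refuse anything else."""
    targets = [t for s, e, guard, t in TRANSITIONS
               if s == state and e == event and guard(ctx)]
    if len(targets) != 1:
        # No guard true: transition not permitted. Several true: the policy
        # is ambiguous. Either way the user stays put and the caller is told.
        raise ValueError(f"{len(targets)} transitions enabled for {state}/{event}")
    return targets[0]
```

The same state and event can lead to different targets for two users of the same application, because the guard reads the user's claims as well as the configuration.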
