By: Sakit Atakishiyev user 27 Apr 2017 at 3:01 a.m. CDT

3 Responses
Sakit Atakishiyev gravatar
Hello. I have two questions. **First:** I want to know that is it possible to register user during authentication phase? Case like below. My application redirect user to Gluu server to login but user does not exist on gluu server. So before login user must be registered? How can I achieve this? **Second:** if user forget his/her password which flow I should follow to change my user password? And last can I do all of these with ``` oxd-server ```

By Aliaksandr Samuseu staff 27 Apr 2017 at 8:33 a.m. CDT

Aliaksandr Samuseu gravatar
Hi, Sakit. 1. Yes, it is. It's done via custom authentication scripts functionality. You can check our [gplus](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/gplus) and [saml/asimba](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/asimba) auth scripts for examples, they both enroll users on the fly. 2. A proper implementation of password reset (with some kind of email confirmation, like it's usually done) would require you to write a separate specialized app which would communicate with your Gluu instance via SCIM (SCIM endpoints are protected by UMA) or by directly accessing Gluu's internal LDAP directory (if you store users' passwords there too). A very simple implementation could be done with custom auth scripts I've mentioned already 3. oxd is only capable of what is mentioned in docs, as of now. It handles authentication and authorization (if UMA is used) for your app, within limits defined by OIDC and UMA specs.

By Sakit Atakishiyev user 28 Apr 2017 at 12:14 p.m. CDT

Sakit Atakishiyev gravatar
Thanks Aliaksandr

By Aliaksandr Samuseu staff 28 Apr 2017 at 1:36 p.m. CDT

Aliaksandr Samuseu gravatar
No problem, Sakit. You can also check [this script](https://github.com/GluuFederation/oxAuth/tree/master/Server/integrations/basic.change_password) implementing some simple password reset. At least it could be used as an example for your own script.