Create users using their citizen identification number (ID)

By: Gustavo Valverde user 28 Feb 2023 at 6:06 a.m. CST

2 Responses
Gustavo Valverde gravatar
We'd like to deploy a registration workflow for our citizens with a decoupled frontend (made by us). But we're not sure where to start making customizations. We have a frontend in React which requires the user to input their: - Identification Number - Email - Password We'd like to create a user in the `jansPerson` table with these information, to be used for further authentications using OIDC. The username for this new "person" must be their Identification Number, and we'd like to request the user an email confirmation, and allow them to later link Google and/or Apple to their account, or a FIDO device (Android, Apple, Yubikey). Is there a guideline we can follow on how to accomplish these requirements, or the required customizations to make it happen? More context: - We're using Gluu Flex - We're deploying this solution from a Government institution to use it as the Citizens Authentication System for our country
Gluu Other Docker 1.0
closed

Answers

By Aliaksandr Samuseu staff 28 Feb 2023 at 2:46 p.m. CST

Copy
Aliaksandr Samuseu gravatar
Hi, Gustavo. I was told that your requirements are getting discussed by our engineers internally. I assume somebody from the task group will reach to you shortly, they just need some time to find the solution.

By Michael Schwartz Account Admin 28 Feb 2023 at 11:32 p.m. CST

Copy
Michael Schwartz gravatar
Because your registration form is in React, you need to use SCIM to create the user in the Gluu Server. Note: you cannot call the SCIM API from the react app itself (there is no way to protect the SCIM client secret... and the SCIM API should **not** be Internet facing). The username is just a string, so I don't see any problem using the id number. For the email confirmation, I'd suggest defining this identity journey using Agama. Perhaps we can schedule a demo next week, as this is a very new feature, but it's perfect for this requirement. For FIDO registration, I'd suggest deploying Casa to enable the user to enroll and manage their FIDO devices. You could also use an Agama workflow for this, although we don't have out of the box flows written for this yet, like we do in Casa. So net-net, this is all very possible with Gluu Flex. But i think you need a better overview of the new capabilities. Like I said, the best path forward would be to schedule a meeting: https://gluu.org/booking

Post an answer