Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

OneWelcome Identity Platform
- Explore Thales Docs

IDAAS core
User journey orchestration
Consent and preference management
Identity broker
Delegated User Management v2
Externalized authorization
Delegated user management
- Getting started
- Roles
- Rules
- User management
- Self service page
- Data
- APIs
- Apps
- Jobs
- Reports
Risk management
- Essential rules
- Default policies (Essential)
Mobile identity
- Mobile identity - Access component
- Mobile identity - Tulip
Mobile SDK
API references
Release notes and FAQ
Integrations
Identity Orchestrator (IO)

All

All

Add flow

Authentication flows

Please Note:

Add flow
Authentication flows
Self-service flows
Admin flows
API flows
Consent flows
Custom flows
Library flows

Was this document helpful? Yes No

Feedback Sent!

If you like, you can provide additional feedback.

OneWelcome Identity Platform
Add flow
Authentication flows

Authentication flows

Authentication flows define how users access and terminate their sessions within the system. They ensure secure handling of credentials, session management, and identity validation.

Login flow

The Login flow manages the user authentication process, handling identity verification, credential validation, and any additional steps required to grant access (such as MFA or consent).

Add a login flow

Open the left sidebar and select Visual Identity Orchestrator from the menu.
This will display a list of flow categories, select Authentication.
Press ADD button.
On "choose flow type to add" select Login.
Complete the configuration by following the steps described in the add flow section, starting from step 5.

Logout flow

A Logout flow defines the process for securely ending a user session. It handles session invalidation, token revocation, and any required cleanup to ensure the user is fully signed out from the application and related services. Logout flows help prevent unauthorized access by properly terminating active authentication sessions.

Add a logout flow

Open the left sidebar and select Visual Identity Orchestrator from the menu.
This will display a list of flow categories, select Authentication.
Press ADD button.
On "choose flow type to add" select Logout.
Complete the configuration by following the steps described in the add flow section, starting from step 5.

Authentication flow best practices

Security considerations

Implement proper error handling without revealing sensitive information
Use secure session management with appropriate timeouts
Implement rate limiting to prevent brute force attacks
Log authentication attempts for security monitoring

User experience

Provide clear feedback for authentication failures
Support multiple authentication methods when appropriate
Implement remember me functionality with proper security
Offer password recovery options

Technical implementation

Validate credentials server-side
Use secure communication channels (HTTPS)
Implement proper session management
Handle edge cases (account lockout, expired passwords, etc.)

Next steps

Design authentication flows
Learn about nodes
Explore other flow categories

On this page

OneWelcome Identity Platform

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Customer Release Notes
- Support Contacts
Legal
- End User License Agreement
- Terms of Service

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com