Please Note:

Identity Orchestrator (IO)
Introduction to IO
Getting started with IO
Flow management
- Add flow
  - Authentication flows
  - Self-service flows
  - Admin flows
  - API flows
  - Consent flows
  - Custom flows
  - Library flows
- Edit flows
- Design flows
- Run flows
- Import and export flows
- Flow versioning
- Debug Flow
- Flow languages
- Delete flow
- User Defined
- Flow Categorisations
- Reference
Node management
- Nodes
- Add node
- Copy node
- Delete node
- Comment nodes
- Manage variables
- Node Categories
- IO Node Types
  - Flow Nodes
    - Start Node
    - End Success Node
    - End Failure Node
    - Execute Nested Flow Node
    - Flow Callback Node
    - Nested Custom End Node
  - IO Node Types
  - Common Configurations
  - User Management
    - Authenticate User Node
    - Create User Node
    - Get User Attributes Node
    - Update User Node
    - Delete User Node
    - Lock User Node
    - Unlock User Node
    - Update User Password Node
    - User Activation Node
    - Check User Locked Node
    - Check User Pending Node
    - Refuse Invitation Node
  - User Agent Components
    - Local Storage - Add/Remove Values Node
    - Frontend Script Node
    - Local Storage - Get Values Node
    - Frontend - Form Node
    - Frontend HTTP Request Node
    - Frontend - Log Node
    - Frontend Timeout Node
    - Get User Geolocation Node
  - Server Side Components
    - Backend HTTP Request Node
    - Backend Script Node
    - Request Get Cookies Node
    - Response - Set Cookies Node
    - Request Get HTTP Headers Node
    - Backend - Log Node
    - Request Get IP Address Node
  - Utility Components
    - Override Flow Execution Template Node
    - Loop Node
    - Get Timestamp Node
    - JSON Parse Node
    - JSON Stringify Node
    - Set Flow Constants Node
    - Flow Session Update Variables Node
    - Mathematical Operations Node
    - Array Operations Node
  - Encryption and Signing
    - Encrypt Values Node
    - Recrypt User Credentials Node
    - JWT - Generator Node
    - JWT - Verifier Node
    - Hash Values Node
    - Decrypt Values Node
    - Generate Secure Key Node
  - User Session Management
    - User Session - Set Attributes Node
    - User Session Store Node
    - User Session - Get Attributes Node
    - User Session - Remove Attributes Node
    - User Session - Get and Validate Node
    - User Session - Delete Node
  - User Groups Management
    - Get Group Users Node
    - Get User Groups Node
    - Check User Group Association Node
    - Manage User Groups Node
  - User Roles Management
    - Check User Roles Node
    - Manage User Roles Node
    - Retrieve User Roles Node
  - User Applications Management
  - LDAP and Active Directory
    - LDAP - Create User Node
    - LDAP - Get User Attributes Node
    - LDAP - Update Users Node
    - LDAP - Delete User Node
    - LDAP - Authenticate User Node
    - LDAP - Reset User Password Node
    - Active Directory - Reset User Password Node
    - Active Directory - Authenticate User Node
  - One Time Password
    - OTP - Register User Authenticator Node
    - OTP - Get User Authenticators Node
    - OTP - Verify User Authenticator Code Node
    - OTP - Remove User Authenticator Node
  - Application Consent Management
    - OAuth - Request Form to User Node
    - OAuth - Allowed by the User Node
    - OAuth - Denied by the User Node
  - Custom Session
    - Custom Session - Create Node
    - Custom Session - Get Node
    - Custom Session - Replace Node
    - Custom Session - Delete Node
  - Federated Identity Providers
    - SAML2 - Generic Identity Provider Node
  - FIDO and Passkeys
    - FIDO2 - Registration Node
    - FIDO2 - Authentication Node
  - OpenID Providers
    - OpenID - Generic Identity Provider Node
    - OpenID - Azure Node
  - Token Management
    - OAuth - Token Exchange Node
    - Verify JWT Node
    - Revoke Token Node
  - Push Notifications
    - Send Push Notification Node

End Success Node


Description	The End Success node is used to close the flow with a positive result. Once executed, the flow ends and the authentication/operation is marked as successfully completed.
Available in	Authentication, Admin, Self Service, API, Library, Consent, Custom, User Defined

The set of available options may depend on the flow category or type in which the node is used.

Node Name: Flow - End Success

User Binding Configurations

User profile not mandatory

Determines whether a user profile must be resolved before issuing the authentication token. If **enabled**, the system issues a session token **without** creating or linking a user account. If **disabled**, IO attempts to **identify an existing user** and associate the session with a user profile.

Choose how to search for the user

If the previous option is disabled, defines how IO **matches the user** during the lookup phase. You can search by **username** or by a specific user **attribute**. An **Ignore Case** option is also available for case-insensitive matching.

Node Configurations

Redirect URL

Defines the **destination URL** to which the user is redirected once the node ends.

TTL of the authentication Session

Defines the **total lifetime** of the authentication session in **minutes**. After this time expires, the session becomes invalid. **Default**: `480`

Idle time of the authentication Session

Defines the **maximum** period of **inactivity** allowed for the session in minutes. **Default**: `240`

Where do you want to save the token?

Determines where the **authentication token** will be stored on the client side: **Local Storage** or **Cookie**. If Cookie is selected, you can configure the cookie domain and related settings.

Authentication — Logout flows

Node Name: Flow - End Success

Redirect URL

Defines the **destination URL** to which the user is redirected once the node ends.

Delete user Session

If enabled, the active user session is **invalidated and deleted** at the end of the flow execution.

Where do you want to delete the token from?

Determines where the **authentication token** will be deleted from: **local storage** or a **cookie**. If Cookie is selected, you can define which cookies will be removed.

Self Service / Admin flows

Node Name: Flow - End Success

Redirect URL

Defines the **destination URL** to which the user is redirected once the node ends.

API flows

Node Name: Flow - End Success

Body

Defines the **HTTP response body** returned by the node or the flow. The value you configure (JSON or plain text) is returned to the client as the response body.

Status

Defines the **HTTP status code** returned in the response.

API Headers

Allows you to define custom **HTTP headers** to include in the response. These headers are returned together with the response body and status code.

Cookie Configurations

Allows you to include **Set-Cookie headers** in the response. You can create, modify, or expire cookies that will be sent to the client together with the response.

Node Name: Flow - End Success

Configuration: Redirect URL (see above)

Library flows

Node Name: Flow - Nested Success

No configurations required. Terminates the nested flow with a successful outcome and returns control to the parent flow.

Custom / User Defined flows

Two separate nodes available:

Flow - End Success Frontend

Configuration: Redirect URL

Flow - End Success Backend

Configurations: Body, Status, API Headers, Cookie Configurations

Suggest A Change

End Success Node

User Binding Configurations

Node Configurations

Authentication — Logout flows

Self Service / Admin flows

API flows

Library flows

Custom / User Defined flows

Flow - End Success Frontend

Flow - End Success Backend

On this page

Suggest A Change

End Success Node

Authentication — Login flows

User Binding Configurations

Node Configurations

Authentication — Logout flows

Self Service / Admin flows

API flows

Consent flows

Library flows

Custom / User Defined flows

Flow - End Success Frontend

Flow - End Success Backend

On this page