Search code examples
wso2wso2-identity-server

Multiple user profiles usage in WSO2 Identity Server

Using Wso2 Identity Server 6.1.0

There is functionality that allows you to create multiple user profiles for a user. Is there any documentation on how to use the created profiles? Is it possible to swap context from one profile to another? If yes how to achieve it? I appreciate for any help and hints.

enter image description here

Tried research how to use it in documentation, but without results. https://is.docs.wso2.com/en/latest/guides/identity-lifecycles/customize-profiles/

Solution

  • Currently WSO2 IS has the capability to create multiple profiles for a user, update the profiles, retrieve the profile etc (Mainly profile management is supported). The public interfaces of the userstore manager component have been written in a way to manage the user based on the selected profile.

    The following diagram will show how user data is accessed by different components.

    enter image description here

    Even though multiple profile support is available, the DEFAULT profile of the user is used everywhere in the main flows (for example SCIM, Oauth2) which use the user data.

    eg:

    Here is one flow where you can retrieve the user based on a claim value defined in a specific profile. getUniqueUserWithClaimValues(claimMap, context, profile) this adaptive script function is supported in IS Refer: https://is.docs.wso2.com/en/latest/references/adaptive-authentication-js-api-reference/#:~:text=getUniqueUserWithClaimValues(claimMap%2C%20context%2C%20profile)

    Further if you have a specific usecase to retrieve a user's data defined in a specific profile, you can add an OSGi service component that invokes the userstore manager method with the relevant profile.