43 lines
1.8 KiB
Text
43 lines
1.8 KiB
Text
=== Conditions in Conditional flows
|
|
|
|
As was mentioned in <<_execution-requirements, Execution requirements>>, _Condition_ executions can be only contained in _Conditional_ subflow.
|
|
If all _Condition_ executions evaluate as true, then the _Conditional_ sub-flow acts as _Required_.
|
|
You can process the next execution in the _Conditional_ sub-flow.
|
|
If some executions included in the _Conditional_ sub-flow evaluate as false, then the whole sub-flow is considered as _Disabled_.
|
|
|
|
==== Available Conditions
|
|
|
|
`Condition - User Role`::
|
|
This execution has the ability to determine if the user has a role defined by _User role_ field.
|
|
If the user has the required role, the execution is considered as true and other executions are evaluated.
|
|
The administrator has to define the following fields:
|
|
|
|
Alias:::
|
|
Describes a name of the execution, which will be shown in the authentication flow.
|
|
|
|
User role:::
|
|
Role the user should have to execute this flow.
|
|
To specify an application role the syntax is `appname.approle` (for example `myapp.myrole`).
|
|
|
|
`Condition - User Configured`::
|
|
This checks if the other executions in the flow are configured for the user.
|
|
The Execution requirements section includes an example of the OTP form.
|
|
|
|
`Condition - User Attribute`::
|
|
This checks if the user has set up the required attribute.
|
|
There is a possibility to negate output, which means the user should not have the attribute.
|
|
The <<_user-attributes,User Attributes>> section shows how to add a custom attribute.
|
|
You can provide these fields:
|
|
|
|
Alias:::
|
|
Describes a name of the execution, which will be shown in the authentication flow.
|
|
|
|
Attribute name:::
|
|
Name of the attribute to check.
|
|
|
|
Expected attribute value:::
|
|
Expected value in the attribute.
|
|
|
|
Negate output:::
|
|
You can negate the output.
|
|
In other words, the attribute should not be present.
|