User profile

Attributes

You have the option to filter attributes based on attribute groups, such as user-metadata. Alternatively, you can select All groups to view attributes from all available attribute groups.
Attribute [Name]
It denotes the name of the user attribute, which serves as a unique identifier for the attribute.
Display Name
It indicates the display name of the attribute, which can also support keys for localized values.
Attribute group
It determines the user profile group where this attribute will be included, facilitating the grouping of similar attributes together.

To create a new attribute, click on Create attribute.
After clicking on Create attribute, you will be redirected to the below screen

General Settings
Attribute [Name]
It denotes the name of the user attribute, which serves as a unique identifier for the attribute.
Display name
It indicates the display name of the attribute, which can also support keys for localized values.
Multivalued
This toggle button, when enabled (toggled ON), permits the attribute to support multiple values.
When toggled OFF, it doesn't support multiple values. This setting acts as an indicator and does not enable any validation.
You can toggle it ON or OFF according to your needs.
Attribute group

It determines the user profile group where this attribute will be included, facilitating the grouping of similar attributes together.
You can choose the most suitable option from the dropdown according to your requirements.
Enabled when

This setting specifies when an attribute is available.
When scopes are used, attribute is available when at least one of configured scopes is applied in the login request. Both default and optional scopes of current request are evaluated. In the admin console and account console contexts, scopes are not evaluated and attribute is always available
Required field

This toggle button, when enabled (toggled ON), requires the attribute to be set by both users and administrators.
When disabled (toggled OFF), the attribute becomes optional.
You can toggle this setting ON or OFF according to your needs. When activated, the fields below are also enabled.

Required for

It indicates whether the field is mandatory for users, administrators, or both.
Required when

You can use this setting to designate the attribute as required only when specific client scopes are requested. This setting has two options:
Always: The attribute is required regardless of the user profile context.
Scopes are requested: The attribute is required only when the client, acting on behalf of the user, requests a set of one or more scopes.

Permission
Who can edit?
You can activate it by checking the checkbox. If activated, users or administrators can edit the attribute. Otherwise, users or administrators won't have access to edit the attribute.
Who can view?
You can enable it by checking the checkbox. If activated, users or administrators can view the attribute. Otherwise, users or administrators won't have access to the attribute.
Validations

In this section, you can define the validations that will be performed when managing the attribute value.
Upon clicking Add validator, a prompt similar to the one displayed below will appear.

Validator type

You can choose the most suitable validator based on your needs.
For instance, if you select double, you will encounter the prompt below.

Validator type
It indicates the validator type that you have previously selected.
Minimum
This is an optional configuration representing the minimum allowed value.
Maximum
This is an optional configuration representing the maximum allowed value.
Save
If you've made any changes and wish to apply them, click on Save.
Cancel
If you decide not to implement the changes, click on Cancel.
After clicking on Save, you will be directed to the screen below.

You'll find a table similar to the one displayed above, which contains the names of validators and other configuration details.
Validator name
It indicates the validator type that you previously added.
Config
It denotes the configuration settings that have been configured for the specific validator.
If you no longer need a validator, click on Delete.
Upon clicking Delete, you will receive the following prompt asking for confirmation.

Click Delete to remove it, or click Cancel if you want to retain it.
You can consult the table below to explore the various types of validators and their respective purposes.
double
This validator checks if the attribute value is a double within a specified lower and/or upper range. If no range is defined, it only verifies whether the value is a valid number.
Minimum - This optional configuration sets the minimum allowed value.
Maximum - This optional configuration specifies the maximum allowed value.
This validates whether the value has a valid email format.
Maximum length for the local part - This specifies the maximum length allowed for the local portion of the email.
By default, it is set to 64 as per the specification.
integer
This validator checks if the value is an integer within a specified lower and/or upper range. If no range is defined, it only verifies whether the value is a valid number.
Minimum - This optional configuration indicates the minimum permissible value.
Maximum - This optional configuration specifies the maximum permissible value.
length
This validates the length of the value, considering both minimum and maximum lengths.
Minimum length - It specifies the minimum permissible length.
Maximum length - It specifies the maximum permissible length.
Trimming disabled - This toggle button, when turned ON, prevents trimming the String value before performing the length check.
local-date
This validator checks if the value has a valid format based on the realm and/or user locale.
None
multivalued
This validator validates the size of a multivalued attribute.
Minimum size - It specifies the minimum size.
Maximum size - It specifies the maximum size.
options
This validator checks if the value belongs to a defined set of allowed values. It's useful for validating values entered through select and multiselect fields.
Options - It defines an array of strings containing allowed values.
pattern
This validator checks if the value matches a specific regular expression (RegEx) pattern.
RegExp pattern - It defines the RegExp pattern that the value must match.
Error message key - It specifies the key of the error message in the i18n bundle. The default message key is error-pattern-no-match.
person-name-prohibited-characters
This validator checks if the value is a valid person name. The validation is based on a default regular expression (RegEx) pattern that restricts characters not commonly found in person names.
Error message key - It defines the key of the error message in the i18n bundle. The default message key is error-person-name-invalid-character.
up-username-not-idn-homograph
This indicates that the field can only contain Latin characters and common Unicode characters. This is beneficial for fields that may be targeted by IDN homograph attacks.
Error message key - It defines the key of the error message in the i18n bundle. The default message key is error-username-invalid-character.
uri
This validator checks if the value is a valid URI.
Allowed schemes - It specifies the allowed URL schemes. By default, only 'http' and 'https' are allowed.
Allow fragment - This toggle button determines whether URLs with the URI fragment are allowed. By default, it is toggled ON.
Require Valid URL - This toggle button verifies if the specified URL is a valid URL. By default, it is toggled ON.
username-prohibited-characters
This validator checks if the value is a valid username. The validation is based on a default regular expression (RegEx) pattern that restricts characters not commonly used in usernames.
Error message key - It defines the key of the error message in the i18n bundle. The default message key is error-username-invalid-character.
Annotations

In this section, you can add annotations to the attribute. Annotations are primarily used to provide additional metadata to frontends for rendering purposes.
Upon selecting Add annotations, the following screen will appear.

Key

You can choose the desired option from the dropdown menu based on your needs.
You can also create a custom annotation according to your preference by clicking on Custom Attribute.
Upon clicking, the key field will be blank, allowing you to enter the desired key.

Value
You can input any value you wish to assign to this key.
After entering the details, to save the annotation, click on + Add Annotations.
To delete an existing annotation, click on the '-' symbol.
Create
If you've entered the details above and wish to proceed with creating the attribute, click on Create.
Cancel
If you've entered the above details but don't wish to create any attribute, click on Cancel.

You can navigate between different setting screens using this section. Simply click on the required settings type that you wish to configure.

Clicking on the three dots provides options to either Edit or Delete.
Edit
Selecting Edit will take you to the screen below.

You can configure these settings as previously explained.
Save
If you've entered the details above and wish to apply these changes, click on Create.
Cancel
If you've entered the above details but don't wish to change anything, click on Cancel.
Delete
After selecting Delete, you'll receive the following prompt for confirmation:

Click Delete to remove the attribute, or click Cancel to abort the action.
Attribute Group

Click the Refresh button to see the latest settings.

You can also choose how many attribute groups you want to display on one screen. Select your preferred option from the dropdown menu as shown above.
Name
This refers to the unique identifier for the group, which will be used to reference the group when associating an attribute with it.
Display name
It specifies a user-friendly name for the group, which should be utilized when displaying a group of attributes in user-facing forms. This name can also support keys for localized values.
Display description
It denotes a text that should be displayed as a tooltip when rendering user-facing forms.
To establish a new attribute group, select Create attributes group.
Upon clicking on Create attributes group, you will be directed to the screen below.

Name
It serves as a unique identifier for the group, which will be used to reference the group when associating an attribute with it.
Display name
It designates a user-friendly name for the group, which should be utilized when displaying a group of attributes in user-facing forms. This name can also support keys for localized values.
Display description
It denotes a text that should be displayed as a tooltip when rendering user-facing forms.
Annotations

In this section, you can add annotations to the attribute. Annotations are primarily used to provide additional metadata to frontends for rendering purposes.
Upon selecting Add annotations, the following screen will appear.

Key
You can input the desired key for the entire attributes group.
Value
You can input any value you wish to assign to this key.
After entering the details, to save the annotation, click on + Add Annotations.
To delete an existing annotation, click on the '-' symbol.
Save
If you've entered the details above and wish to proceed with creating the attribute group, click on Save.
Cancel
If you've entered the above details but don't wish to create any attribute group, click on Cancel.

If you no longer need a particular attribute group, you can click on the Delete button to eliminate the attribute group.
Upon clicking Delete, you'll receive a confirmation prompt similar to the one shown below.

Click Delete if you want to remove the attribute group, otherwise click Cancel.
JSON editor

This displays the JSON Editor for the attributes found within the User Profile section.
Last updated