You can configure the Create portlet so that guest users are able to self-register. Enabling anonymous access to the create portlet is a two-step process. First, configure a Create portlet instance for anonymous use, then create a shared page to host the new portlet instance. You have the option to force the newly registered user to log in or to allow anonymous access to other identity self-service features. To create a portlet instance:
Go to the Portlet Admin page.
Register and name a new instance of the CreatePortlet, for example,
.Select the new portlet instance, then click
.Set
to false, then click .Select
and modify the preferences as needed.For example, you could specify a DetailPortlet that supports anonymous access, or you could limit the set of attributes displayed by the default instance. (The changes you make to the default instance are reflected in other parts of the User Application that use that instance.)
HINT:If you do specify the default DetailPortlet, the user is forced to log in when viewing the detail of the newly created object. For details, see Section 10.4.1, Guest Access Required Settings
To create a shared page:
Go to the
tab.Create a new page.
Under
, select . You can select other categories if you also want logged-in users to see this.Click
.Click
, add the new instance to the page, then click .Click
and make sure that is unselected.Save the page.
Other required settings include:
Create container: Every entity requires a create container. You can define a default create container for each entity type in the directory abstraction layer, or you can allow the user to select one. When you specify a default create container for the entity type, the user is never prompted for the container. When you do not specify a default, the user must select one. To allow anonymous users access to the selection list, you must change the ContainerLookupPortlet setting to false. For more information about the default Create container, see the section on the directory abstraction layer editor in the Identity Manager User Application: Design Guide.
Identity Vault Rights: The user is initially the guest user. When he or she self-registers, the User Application writes an object to the create container. To create a user object, the guest user must have create [Entry rights] in the container where new users are created. This could be inherited or restricted by using an inherited rights filter. The guest user must also have Write rights to the attribute(s) that they are allowed to create.
DNLookup controls: If the user is required to provide a value for an attribute defined as a control type of DNLookup, you need to change the ParamlistPortlet setting to false.
Passwords: If you allow an anonymous user to create an entity that requires a password, you must ensure that the anonymous account has the rights to create a password.