Configuring Hosted Login Journey URLs in ForgeRock Identity Cloud
ForgeRock Identity Cloud offers hosted login journeys—pre-built, customizable authentication flows—to simplify secure user sign-in. Configuring these journey URLs correctly is vital to ensure smooth user experience and integration with OAuth 2.0/OIDC clients. What Are Hosted Login Journey URLs? Hosted login journeys are URLs that trigger specific authentication flows configured in ForgeRock Identity Cloud. These journeys can include multi-factor authentication, social login, or custom steps. Key Configuration Parameters realm: Specifies the realm or tenant. journey: The name of the hosted authentication journey to invoke. client_id: The OAuth client requesting authentication. redirect_uri: Where to send the user after successful login. state and nonce: Security parameters for CSRF and replay protection. Example Hosted Login Journey URL https://idp.example.com/oauth2/realms/root/authorize? client_id=your-client-id& redirect_uri=https://yourapp.com/callback& response_type=code& scope=openid profile& authIndexType=service& authIndexValue=CustomLoginJourney& state=abc123& nonce=xyz789 Here, authIndexType=service and authIndexValue specify which hosted journey to execute. ...