Is there a way to track failed attempts for a field in a form?
For example, if a user attempts to confirm password on a modified form and fails three times, I would like to send an email to an admin/manager that that an invalid attempt to confirm password was made.
The only OOTB failed attempt tracking (that I know of) is for Forgot Password QnA process.
If you are submitting the form for processing on IDM, you can configure a px policy for this task to achieve this business need.
Note: You also need to store the current strike of failed attempts in the user attribute available on screen for this purpose. On form create a hidden property to match this attribute ( target).
I used ‘Validate on Change’ UI event and was able to track failures (to update the form field).
However, when the third attempt was successful, the PX still sent an email to the admin.
What is the email policy you are using to send email? How are you checking the strike count before sending the email?
Please provide the email policy details here.
I update (add values to) a multi-valued attribute and at each validation check the length of the of the attribute in the one PX-1. I am also updating a second attribute (from another PX-2 policy-Submission/Validate on Submit, tried both) if the attempt is successful. PX-2 has a lower priority number. However PX-1 is not able to read the attribute set by PX-2 in time to stop processing. This approach may be overly complex.
Yes, it seems overly complex logic.
Try this simple approach ( assuming you are using IM forms/screen and not Identity Portal form).
1- Define a password policy: Enable Track failed logins or successful logins
Enable Additional Password Policies - CA Identity Manager - 14.0 - CA Technologies Documentation
2- Configure this policy to disable account once the failed attempts exceeded the configured number.
3- Now define an Email policy that will trigger an email on Account Disable Event.
I am tracking failed attempts to submit passwords on specific tasks.
For example: if the user fails to submit the correct new password (confirm password or current password) on the 'Change My Password' or 'Reset User Password' task.
The configuration on the password policy only track login attempts.