Password Reset script includes

  • Release version: Xanadu
  • Updated August 1, 2024
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Password Reset Script Includes

    The Password Reset plugin offers script includes that facilitate password reset processes within ServiceNow. These script includes contain extension points, allowing customers to customize functionalities related to user verification and enrollment.

    Show full answer Show less

    Key Features

    • Enrollment Check Script Includes: These scripts determine if a user is enrolled for Password Reset, using parameters like userId and verificationId. Examples include:
      • PwdAlwaysEnrolled - Always returns true.
      • PwdQuestionsEnrollmentCheck - Checks enrollment via security questions.
    • Identification Form Processor: These scripts help identify users based on input. They return the user's sysid or null if not identified. Key scripts include:
      • PwdIdentifyViaEmail - Verifies identity through email.
      • PwdIdentifyViaUsername - Verifies identity through username.
    • Enrollment Form Processor: These scripts manage user enrollment, returning a boolean indicating success. They utilize parameters such as userId and verificationId. Key scripts include:
      • PwdEnrollQuestionsProcessor - Manages question-based enrollments.
      • PwdEnrollSMSProcessor - Manages SMS verification enrollments.
    • User Account Lookup: Provides functionality to return credential store account IDs using userId. Example:
      • PwdDefaultUserAccountLookup - Default user account lookup script.
    • Password Generator: Generates an auto-generated password from provided parameters. Example:
      • PwdDefaultAutoGenPassword - Generates a password from a random word and digits.
    • Verification Processor: Confirms user identity and returns a boolean. Key scripts include:
      • PwdVerifyPersonalDataProcessor - Verifies user answers against expected data.
      • PwdVerifySMSProcessor - Handles SMS verification.
    • Post Processor: Executes custom actions after the Password Reset process. It takes parameters like resetRequestId and wfSuccess to manage outcomes.

    Key Outcomes

    By utilizing these script includes, ServiceNow customers can effectively manage password reset functionalities, customize user verification methods, and handle enrollment processes seamlessly. This results in improved user experience and enhanced security during password management tasks.

    The Password Reset plugin installs script includes that implement password reset processes. To enable you to extend functionality, each base-system script include provides extension points that you can use to invoke "extension scripts" that you customized.

    The extension script category refers to the specific types of behavior for an extension script (for example, credential store, verification, identification type, or as a post-processor).

    'Enrollment check' script includes

    All enrollment check script includes take the following parameters and return a boolean indicating whether the user is enrolled for Password Reset.
    • params.userId: The sys_id of the user being checked (table: [sys_user]).
    • params.verificationId: The sys_id of the verification being checked (table: [pwd_verification]).
    Name Description
    PwdAlwaysEnrolled Default check of whether a user is enrolled that always returns true.
    PwdMockIsEnrolled Default check of whether a user is enrolled that always returns true.
    PwdQuestionsEnrollmentCheck Determines whether a user has enrolled for Password Reset using security question verification.
    PwdSMSEnrollmentCheck Determines whether a user has enrolled for Password Reset using SMS verification.

    'Identification form processor' script includes

    Identification form processor script includes provide functionality for extending identification processing.

    All identification form processor script includes take the following parameters, and return the sys_id of the user that corresponds to the requested input. If the user was not identified, it returns null.
    • params.processId: The sys_id of the calling Password Reset process (table: [pwd_process]).
    • param request: The form request object. Fields in the form can be accessed with request.getParameter('<element-id>'). The supported request parameter is sysparm_user_id, the user identifier value entered in the form.
    Name Description
    PwdIdentifyViaEmail Verifies a user's identity by checking the email address.
    PwdIdentifyViaUsername Verifies a user's identity by checking the user name.

    'Enrollment form processor' script includes

    Enrollment form processor script includes provide functionality for extending enrollment form processing.

    All enrollment form processor script includes take the following parameters, and return a boolean indicating whether the user was successfully enrolled.
    • params.userId: The sys_id of the user trying to enroll (table: [sys_user]).
    • params.verificationId: The sys_id of the verification used to enroll (table: [pwd_verification]).
    • params.enrollmentId: The sys_id of this enrollment process.
    • request: The form request object. Fields in the form can be accessed with request.getParameter('<element-id>').
    You should add the following information to the state of the enrollment process:
    • gs.getSession().putProperty("result.status",status): Whether the user was successfully enrolled.
    • gs.getSession().putProperty("result.message",message): An associated message to be returned to the UI, such as a detailed error message.
    • gs.getSession().putProperty("result.value",value): A custom value associated with the enrollment.
    Name Description
    PwdEnrollQuestionsProcessor Handles questions and answers for verification.
    PwdEnrollSampleProcessor Provides an enrollment processor for sample verification.
    PwdEnrollSMSProcessor Provides an enrollment processor for SMS verification.

    'User account lookup' script includes

    User account lookup script includes return the credential store account_id for a given user.

    The following parameter returns the credential store account_id for a given user. params.userId: The sys_id of the user being checked (table: [sys_user]).
    Name Description
    PwdDefaultUserAccountLookup Provides a default script for user account lookup from a user_id to the account in a credential store. The default mapping is to use the user name as the account name.

    'Password generator' script includes

    Password generator script includes take the following parameter, and return an auto-generated string password.

    params.credentialStoreId: The sys_id of the calling Password Reset process (table: [pwd_process]).

    Name Description
    PwdDefaultAutoGenPassword Generates a password from a random word and 4 digits.

    'Verification processor' script includes

    If the user identity is verified, the verification processor script includes return true.

    Verification processor script includes take the following parameters:
    • params.resetRequestId: The sys_id of the current Password Reset request (table: [pwd_reset_request]).
    • params.userId: The sys_id of the user to be verified (table: [sys_user]).
    • params.verificationId: The sys_id of the verification (table: [pwd_verification]).
    • request: The form request object. Access the fields in the form with request.getParameter('<element-id>').
    Name Description
    PwdVerifyPersonalDataConfirmationProcess Verifies that the user accepts the answer.
    PwdVerifyPersonalDataProcessor Verifies that the user's answers match the expected data in the system.
    PwdVerifyQuestionsProcessor Provides question and answer verification of user input on the second page of the verification form.
    PwdVerifySimpleProcessor Provides simple verification of user input on the second page of the verification form.
    PwdVerifySMSProcessor Provides SMS verification of user input on the second page of the verification form.

    'Post processor' script includes

    Post processor script includes execute custom actions after the Password Reset process has completed.

    All post processor script includes take the following parameters.
    • params.resetRequestId: The sys_id of the current Password Reset request (table: [pwd_reset_request]).
    • params.wfSuccess: A flag indicating whether the workflow completed successfully: True if, and only if, successful.
    Name Description
    PwdPostProcessor Executes actions after the process completes for success, failure, or both conditions.