Validations

Validations that can be applied to Identity Cloud fields include the following:

  • blacklist
  • emailDomainBlacklist
  • format
  • match
  • matchOptions
  • maxLength
  • minLength
  • minYears
  • required
  • unique
  • disableClientSide
  • alongWith
  • whitelist
  • clientFunctionName
  • serverRegexSetting

blacklist

Enables you to prevent users from using a specified set of words in their data input; for example, you might want to prevent certain words or phrases from being used in a user’s display name. To use this attribute, you must first create an API client setting (e.g., blacklisted_words) that contains a comma-separated list of all the blacklisted terms. You then add the blacklist rule and set the rule value to the name of the setting.

When assigning the blacklist validation by using the Configuration API, your syntax will look similar to this:

{
  "rule": "blacklist",
  "value": "blacklisted_words",
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The blacklist validation can be used with the following field types:

  • text input

emailDomainsBlacklist

Enables you to prevent users from registering for new accounts by using email addresses from a specified set of domains; for example, you might disallow all email addresses from the akamai-documentation-test-site.com domain. To use this attribute, you must first create an API client setting (e.g., email_blacklist_setting) that contains a comma-separated list of all the blacklisted domain names. You then add the emailDomainBlacklist rule and set the rule value to the name of the setting.

When assigning the emailDomainBlacklist validation by using the Configuration API, your syntax will look similar to this:

{
  "type": "email",
  "name": "emailAddress",
  "schemaAttribute": "email",
  "validation": [
    {
      "rule": "emailDomainBlacklist",
      "value": "email_blacklist_setting",
      "message": {
        "key": "63f7c18f-521a-4b4f-94c4-0b04b870c82e"
      }
    }
  ]
}

The emailDomainBlacklist validation can be used with the following field types:

  • email

format

Asserts that the field conforms to a specified format. The format validation takes one of the following predefined formats as its value:

alpha. Only allows alphabetic characters, and must contain at least one character. Defined as /^[a-z]+$/i.

alphaExtended. Only allows alphabetic characters, dashes (-), and single quotes ('). The field value must contain at least one character. Defined as /^[a-zA-Z\-']+$/.

alphaExtendedSpaces. Only allows alphabetic characters, dashes (-), single quotes ('), and whitespace characters (\r, \n, \t, and \f). Defined as /^[a-zA-Z\-'\s]+$/.

alphaNumeric. Only allows alphabetic and numeric characters. The field value must contain at least one character. Defined as /^[a-z0-9]+$/i.

alphaNumericExtended. Only allows alphabetic and numeric characters. Allows for dashes (-), underscores (_), and periods (.) within the value, so long as they are not at the beginning or the end. The field value must contain at least three characters. Defined as /^[a-z][-a-z0-9\s_.]*[a-z0-9]$/i.

email. Only allows valid email addresses. Defined as /^.+@(?:[^.]+\.)+(?:[^.]{2,})$/.

i18nAlphaNumeric. Allows only alphanumeric characters without excluding characters containing accents (for example, é). Defined as /^[^-\s^`~!@#$%^&*()_=+\[{\]}\|;:‘“,<.>/?]+$/, it disallows the following characters:

  • whitespace characters (\r, \n, \t, and \f)
  • dashes (-)
  • carets (^)
  • backticks (`)
  • exclamation points (!)
  • at signs (@)
  • number signs (#)
  • dollar signs ($)
  • percent signs (%)
  • ampersands (&)
  • asterisks (*)
  • parentheses (())
  • underscores (_)
  • equal signs (=)
  • plus signs (+)
  • square brackets ([])
  • curly braces ({})
  • pipes (|)
  • semicolons (;)
  • colons (:)
  • single quotes (')
  • double quotes (")
  • commas (,)
  • angle brackets (<>)
  • periods (.)
  • forward slashes (/)
  • question marks (?)

noWhitespace. Disallows whitespace characters (\r, \n, \t, and \f). Defined as /^\S*$/.

numeric. Only allows numeric characters. Defined as /^(\d+)$/.

numericReal. Only allows real number values. Defined as /^(\d+\.?\d*|\.\d+|\-\d+\.?\d*|\-\.\d+)$/, it allows numbers in the following formats:

  • 1234
  • 12.34
  • .1234
  • -1234
  • -12.34
  • -.1234

phone. Only allows valid phone numbers. Defined as /^\(?([0-9]{3})\)?[-. ]?([0-9]{3})[-. ]?([0-9]{4})$/, it allows phone numbers in the following formats:

  • (123)-456-7890
  • (123).456.7890
  • (123) 456 7890
  • 123-456-7890
  • 123.456.7890
  • 123 456 7890

phoneInternational. Similar to the phone validation, but allows for an optional one to four preceding numbers. Defined as /^(\d{1,4}[-. ]?)?\(?([0-9]{3})\)?[-. ]?([0-9]{3})[-. ]?([0-9]{4})$/.

zipCode. Only allows five character numeric values. Defined as /^\d{5}$/.

zipCode+4. Similar to the zipCode validation, but allows for an optional plus-four code. Defined as /^\d{5}(\-\d{4})?$/.

When assigning the format validation by using the Configuration API, your syntax will look similar to this:

{
  "rule": "format",
  "value": "email",
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The format validation can be used with the following field types:

  • text input
  • email
  • password
  • text area
  • date select

match

Asserts that a field value matches the value of another field. The match value must be set to the name of another field. For example, here the value entered for a field must be exactly the same as the value entered in the confirmPasswordField field:

{
  "rule": "match",
  "value": "confirmPasswordField",
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The match validation can be used with the following field types:

  • text input
  • email
  • password
  • radio buttons
  • select menu

matchOptions

Protects against invalid input on select fields by requiring the value submitted to be one of the options defined in the field. Set this to false only if you plan on dynamically populating the select options yourself. This is added to select fields by default. For example:

{
  "rule": "matchOptions",
  "value": True
}

The matchOptions validation can be used with the following field types:

  • select menu

maxLength

Asserts that the value of a field has no more than the specified number of characters. For example, this syntax limits the number of characters than can be entered in a field to 30:

{
  "rule": "maxLength",
  "value": 30,
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The maxLength validation can be used with the following field types:

  • text input
  • email
  • password
  • text area

minLength

Asserts that the value of a field must have at least the specified number of characters. For example, this syntax requires the value to contain at least 4 characters:

{
  "rule": "minLength",
  "value": 4,
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The minLength validation can be used with the following field types:

  • text input
  • email
  • password
  • text area

minYears

Asserts that the value from a dateselect field is at least the specified number of years in the past. With the minYears validation you have several options available to you:

  • For the validation value, you can specify an integer value.
  • • Alternatively, you can create an API client setting (e.g., settingNameToSourceFrom) and then set the value of the setting to your minimum years value. You can then use the key parameter to reference the API client setting. By doing this, you can change the minYears value by modifying the client setting, and without having to modify the form.
  • • You can specify a default value (default) which will be used if the API client setting is not available.

When assigning the minYears validation by using the Configuration API, your syntax will look similar to this. In this example, the validation value is taken from an API client setting named settingNameToSourceFrom. If that setting can’t be found, then the default value of 13 is applied:

{
  "type": "dateselect",
  "name": "childBirthdate",
  "schemaAttribute": "birthday",
  "validation": [
    {
      "rule": "minYears",
      "value": {
        "key": "settingNameToSourceFrom",
        "default": 13
      },
      "message": {
        "key": "63f7c18f-521a-4b4f-94c4-0b04b870c82e"
      }
    }
  ]
}

The minYears validation can be used with the following field types:

  • date select

required

Asserts that a value is provided for this field; set to true to enable this validation. For example:

{
  "rule": "required",
  "value": true,
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The required validation can be used with the following field types:

  • text input
  • email
  • password
  • checkbox
  • radio buttons
  • select menu
  • text area
  • date select

unique

Asserts that the value of this field is unique when compared to all records within your Identity Cloud application; set to true to enable this validation. For example:

{
  "rule": "unique",
  "value": true,
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The unique validation can be used with the following field types:

  • text input
  • email

Using the unique validation, you have the option of including two additional validations: disableClientSide and alongWith.

disableClientState

When set to true, disables client-side validation, and verifies the uniqueness of a value only when the form is submitted. By default, unique values are checked as they are entered; for example, if a user tries to register by using a previously-used display name, they will be notified of that fact before they click the Create Account button:

If disableClientSide is set to true, however, display name validation will only take place after the user clicks Create Account.

When assigning the disableClientSide validation by using the Configuration API, your syntax will look similar to this:

{
  "type": "text",
  "name": "mobileNumber",
  "schemaAttribute": "mobileNumber",
  "validation": [
    {
      "rule": "unique",
      "value": {
          "disableClientSide": true
      }
      "message": {
        "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
      }
    }

alongWith

Provides a way to verify that the combined value of two fields returns a unique value. For example, there’s no reason why two users can’t have the same phone number (555-555-0712) as long as they have different country calling codes: 591-555-555-0712 is not the same phone as 357-555-555-0712. Using the alongWith validation, you can verify that the combined value of a user’s mobileNumberCountryCode attribute and his or her mobileNumber attribute is unique. This can be done by:

  • Specifying mobileNumber as the primary attribute.
  • Adding the alongWith validation and specifying mobileNumberCountryCode as the secondary attribute.

For example:

{
  "type": "text",
  "name": "mobileNumber",
  "schemaAttribute": "mobileNumber",
  "validation": [
    {
      "rule": "unique",
      "value": {
         "alongWith": "mobileNumberCountryCode"
       }
      "message": {
        "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
      }
    }

whitelist

Requires users to choose from a specified collection of words when entering data. To use this attribute, you must first create an API client setting (e.g., whitelisted_words) that contains a comma-separated list of all the allowed words and phrases. You then add the whitelist rule and set the rule value to the name of the setting.

When assigning the whitelist validation by using the Configuration API, your syntax will look similar to this:

{
  "rule": "whitelist",
  "value": "whitelisted_words",
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The whitelist validation can be used with the following field types:

  • text input

clientFunctionName

Name of the function to use for client-side validation. Functions are defined in the janrain-init.js file, and the name of that function (e.g., validateUserName) is set as the value of the clientFunctionName validation.

For example:

{
  "rule": "clientFunctionName",
  "value": "validateUserName",
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The clientFunctionName validation can be used with the following field types:

  • text input
  • email
  • password
  • select menu
  • text area
  • date select

serverRegexSetting

Specifies the name of an API client setting to be used for validation. For example:

{
  "rule": "serverRegexSetting",
  "value": "serverRegexSetting",
  "message": {
    "key": "8a8508aa-f939-472b-bad2-59f6c0089a60"
  }
}

The serverRegexSetting validation can be used with the following field types:

  • text input
  • email
  • password
  • select menu
  • text area
  • date select