Is there documentation or other examples somewhere for creating custom Authentication activities for FIM workflows? I am interested in how these work and might be programmed to interact with a client. The MSDN developer information indicates that this info is not currently available - any updates on this? Thanks! -Jeremy

i think the doc (no sample) is coming in late april or late may a quick summary: Workflow is a .net thing, same as Activity. WF can contain different activities... and u can control the logic of the wf using different activity (e.g. WhileActivity) for AuthN, unlike AuthZ or Action, there is no extensibility point at the activity. You can ONLY add AuthenticateGateActivity in a AuthN WF. AuthenticateGateActivity will host a AuthenticateGate written by you. AuthenticateGateActivity and AuthenticateGate are both in Microsoft.ResourceManagement.dll you need to write a class that extends AuthenticateGate (P.S. u need a corresponding piece for the Workflow Designer for the FIMPortal UI)The FIM Password Reset Blog http://blogs.technet.com/aho/

Thanks Anthony, I am familiar with writing workflows for FIM and writing the UI piece for the Workflow Designer. If I look at the built-in AuthN workflow for Password Reset I see that the workflow contains a Password Authentication Challenge activity, then a Lockout Gate activity, and then a QA gate activity. Are all of these workflows derived from the AuthenticationGateActivity such that they meet your requirement above saying "You can ONLY add AuthenticateGateActivity in a AuthN WF" ? -Jeremy

in the UI, u never really see the term "Password Authentication Challenge activity". If u are writing the WF Designer piece, (i.e. extending ActivitySettingsPart), you can specify whatever Title you want. If the default FIM UI shows "Authentication Gate Activity" for different types of gates, it will be super confusing when ITPro is config-ing the system. basically your code should be like public override Activity GenerateActivityOnWorkflow(SequentialWorkflow workflow) { AuthenticationGateActivity authenticationGateActivity = new AuthenticationGateActivity(); authenticationGateActivity.AuthenticationGate = your gate here ; return authenticationGateActivity; } If u look at the XMOL of the default WF, it's a AuthNWF, hosting 3 AuthNGateActivity... and each Activity hosts a different Gate <ns0:AuthenticationWorkflow x:Name="AuthenticationWorkflow" ActorId="00000000-0000-0000-0000-000000000000" WorkflowDefinitionId="00000000-0000-0000-0000-000000000000" RequestId="00000000-0000-0000-0000-000000000000" Mode="Validation" TargetId="00000000-0000-0000-0000-000000000000" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/workflow" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:ns0="clr-namespace:Microsoft.ResourceManagement.Workflow.Activities;Assembly=Microsoft.ResourceManagement, Version=4.0.3510.2, Culture=neutral, PublicKeyToken=31bf3856ad364e35"> <ns0:AuthenticationGateActivity ValidationError="{x:Null}" x:Name="authenticationGateActivity1" RegistrationData="{x:Null}" ChallengeResponse="{x:Null}"> <ns0:AuthenticationGateActivity.AuthenticationGate> <ns0:PasswordCheckGate ResponseTimeout="00:05:00" /> </ns0:AuthenticationGateActivity.AuthenticationGate> </ns0:AuthenticationGateActivity> <ns0:AuthenticationGateActivity ValidationError="{x:Null}" x:Name="authenticationGateActivity2" RegistrationData="{x:Null}" ChallengeResponse="{x:Null}"> <ns0:AuthenticationGateActivity.AuthenticationGate> <ns0:LockoutGate LockoutThreshold="3" TimeoutThreshold="3" ResponseTimeout="00:05:00" Timeout="15" /> </ns0:AuthenticationGateActivity.AuthenticationGate> </ns0:AuthenticationGateActivity> <ns0:AuthenticationGateActivity ValidationError="{x:Null}" x:Name="authenticationGateActivity3" RegistrationData="{x:Null}" ChallengeResponse="{x:Null}"> <ns0:AuthenticationGateActivity.AuthenticationGate> <ns0:QAAuthenticationGate ResponseTimeout="00:05:00" NumQsReqCorrectAns="3" NumQsReqRegistration="3" NumQsRandomPresented="3" NumQsDisplayedForReg="3" ValidationError="{x:Null}"> <ns0:QAAuthenticationGate.Questions> <x:Array Type="{x:Type p9:String}" xmlns:p9="clr-namespace:System;Assembly=mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"> <ns1:String xmlns:ns1="clr-namespace:System;Assembly=mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">Question 1</ns1:String> <ns1:String xmlns:ns1="clr-namespace:System;Assembly=mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">Question 2</ns1:String> <ns1:String xmlns:ns1="clr-namespace:System;Assembly=mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">Question 3</ns1:String> </x:Array> </ns0:QAAuthenticationGate.Questions> </ns0:QAAuthenticationGate> </ns0:AuthenticationGateActivity.AuthenticationGate> </ns0:AuthenticationGateActivity> </ns0:AuthenticationWorkflow>The FIM Password Reset Blog http://blogs.technet.com/aho/