WSO2 Identity server provides the capability to recover user accounts with the help of security questions. This feature is important when we forget the password and need some evidence that the actual user who had forgotton the password is indeed the right owner of the account. There are three such ways in which we can set these challenge questions for the users. You can read more details about each of these methods in this documentation. From the UserIdentityManagementAdminService SOAP API By manually creating registry resources for questions From Identity Server Management Console In this blog I will be guiding you through how to use the UserIdentityManagementAdminService SOAP API to set the challenge questions. But we will be doing this with a slight twist. We are going to set these questions using an API created in the WSO2 ESB with the help of some custom sequences. For the setting of the challenge questions using the admin service this is ...