Hi Jawaan,
Confirm Pages
There are several different strategies to finishing the FPS process, all configured using the Confirm section of the APS configuration file.
Give static information to tell the user how to proceed (sending the information via email).
Give the user the information on a custom page, email, or a combination of the two.
Let FPS display a message box displaying the information or part of the information (the rest being transmitted via email)
Log the user in automatically.
One way to do confirmation at the end of the FPS process is to send the information to the user via email. If this is to be done, the confirm page should say something like "The information that you requested has been sent to the email addressuser@somesite.com".
Another option is to display HalfPassword1 on the custom page and send HalfPassword2 via email. These macros return, in clear text, either the first half or the second half of the user's password. Of course, either the mail or the custom page will have to instruct the user that the two halves must be put together before using.
Instead of using the "real" password, use the OneShotPassword instead. FPS creats a single-use password when the macro "OneShotPassword" is referenced in a mail file or in an initial setting for the confirmation page. The OneShotPassword requires special set up to use (See Authentication Scheme.) but it is more secure than using a multiple use password, even if you allow the user to select their own password (since you will never show the selected password).
Refer :
Change Pages - CA Single Sign-On - 12.52 SP1 - CA Technologies Documentation
Tech Tip : CA Single Sign-On :Policy Server::How to configure APS Forgot Password (FPS) Interface
Regards,
Leo Joseph.