request: page note reminding people that 'login with email' might be what they want to see *all* signed in sites #343
Comments
|
@gdestuynder @andrewkrug can you please take a look at this? This is a staff member who is able to select "login with Google". Shoudn't account ratcheting kick in here? Best regards, |
|
There's no ratcheting at the moment for Google accounts backed by LDAP We've a feature item that removes this, though it requires a lot of comm to resolve accounts on the RP side so that there is no orphaned/unreachable accounts Note: not all users want "login with email", mostly staff users and passwordless users want this, and others dont |
|
Mostly, I was confused about where all the apps went :).
Maybe these solutions are simpler:
- Login: for the email one: a note or text: "staff (moco) email login"
- Dashboard: a note saying "staff: looking for something else? Logout and
login with email instead."
…On Mon, Oct 8, 2018 at 10:46 AM Guillaume Destuynder (:kang) < ***@***.***> wrote:
There's no ratcheting at the moment for Google accounts backed by LDAP
This is mainly because some people already have accounts between the 2.
Both use the same authentication and are +- as safe to use.
We've a feature item that removes this, though it requires a lot of comm
to resolve accounts on the RP side so that there is no orphaned/unreachable
accounts
Note: not all users want "login with email", mostly staff users and
passwordless users want this, and others dont
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#343 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKAj1K6etEqjGsFLjzSCYikHZ8_G2Giks5ui3NSgaJpZM4XLWxE>
.
|
|
@gregglind the email field is for non staff though. It's also used by volunteers, NDA volunteers, pocket and mozilla foundation employees. |
|
Dashboard: a note saying "staff: looking for something else? Logout and login with email instead." The sso-dashboard grid of apps is generated based on your group membership. Logging out and logging in with e-mail results in fewer available services not more. |
|
Maybe this is a 'NO OBVIOUS FIX' then. Thanks for looking into it!
…On Mon, Oct 8, 2018 at 11:23 AM Andrew J Krug ***@***.***> wrote:
Dashboard: a note saying "staff: looking for something else? Logout and
login with email instead."
The sso-dashboard grid of apps is generated based on your group
membership. Logging out and logging in with e-mail results in fewer
available services not more.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#343 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAKAj4BoEbd8hEzf0iaJvfR5rXWf0-9qks5ui3wDgaJpZM4XLWxE>
.
|
Hello firends: I was able to reproduce my SSO issue:
The solution of always login with email is correct.
Maybe we can put a note suggesting that solution in the dashboard?
The text was updated successfully, but these errors were encountered: