tracker.org
This commit is contained in:
parent
a2a2b78989
commit
1edbf5ef92
1 changed files with 12 additions and 8 deletions
20
tracker.org
20
tracker.org
|
@ -867,12 +867,16 @@ When the user will launch another product he will not use his usual
|
|||
~user-1@domain.com~ Okta session.
|
||||
|
||||
The second, is that we should have a mechanism to understand that on the
|
||||
second login, we don't want to login the user, but to merge two
|
||||
different IdP accounts.
|
||||
It would in particular mean, that the user can be tied to two different
|
||||
email addresses.
|
||||
Currently, we do not support user with multiple email address.
|
||||
It would imply to change the structure of the IdP Mapping.
|
||||
second login, we don't want to login the user, but to merge two different
|
||||
IdP accounts.
|
||||
|
||||
Note there is a complication because not all IdP support verified email (TG
|
||||
does not)
|
||||
Mainly we will need to develop a new workflow, so a user could link
|
||||
multiple IdP accounts to his current SecureX account.
|
||||
Currently this is handled via the Invitation mechanism.
|
||||
|
||||
The implications are:
|
||||
- a user can be tied with multiple different email addresses. Currently
|
||||
there is a single email address by user and to add another layer of
|
||||
complexity, the Threatgrid IdP do not provide verified emails. It means
|
||||
that we cannot trust emails from TG users.
|
||||
-
|
||||
|
|
Loading…
Reference in a new issue