Actions
Idea #12945
closedDocument and test identity provider migration for user accounts
Status:
Duplicate
Priority:
Normal
Assigned To:
-
Category:
-
Target version:
-
Start date:
Due date:
Story points:
0.5
Description
Below is a sketch of the implementation to be tested and documented:
It is possible to change authentication providers for a user account. Examples:- A user’s account is attached to Google account person@old.example.com, but the user now wishes to log in with Google account person@new.example.com instead.
- A user used to log in with LDAP authentication, but now wishes to log in with Google account person@new.example.com instead.
Procedure:
- Determine the user’s existing UUID.
- Clear the identity_url field of the existing user record.
- Add a Link object with the following attributes:
{ "link_class":"permission", "name":"can_login", "tail_uuid":"person@new.example.com", "head_uuid":"aaaaa-tpzed-abcdefghijklmno", "properties":{ "identity_url_prefix":"https://www.google.com/" } }
*Have the user log in using their person@new.example.com Google account.
Actions