Uploaded image for project: 'COmanage'
  1. COmanage
  2. CO-1376

Simplify Account Linking Process

    XMLWordPrintable

Details

    Description

      Account linking currently requires completing a (minimal) enrollment form to collect a name and email address, with the latter used to send an invitation to link back to the original identity after logout. However, this is a clunky user experience.

      Add a new EF setting or change email_confirmation mode to "require enrollee authentication" without requiring email to be sent

      • Redirect to /auth/logout, but preserve enough info in session to reconnect ($SESSION['PETITION_IN_PROGRESS'])
      • mod_auth_foo executes logout functionality
      • /auth/logout is delivered by Apache, redirects back to /auth/login
      • mod_auth_foo executes login functionality
      • COmanage/cake sets up new authentication info ($SESSION['Auth.User']), sees existing petition in progress and re-enters enrollment flow

      TBD: What does the org identity record look like? It needs a name, do we just pull the CO Person primary name and clone it into the Org Identity? Or can we expect sufficient attributes out of the authentication event?

      Also, can this be implemented as an OIS plugin? Or does it need to be done in core petition code?

      Attachments

        Issue Links

          Activity

            People

              benn.oshrin@at.internet2.edu Benn Oshrin
              benn.oshrin@at.internet2.edu Benn Oshrin
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: