Uploaded image for project: 'COmanage'
  1. COmanage
  2. CO-1647

Petition verifies OrgIdentity email, even if already confirmed

    XMLWordPrintable

Details

    Description

      During the email confirmation step of enrollment flows, the CoPetition sendConfirmation method sends an email to the (first) EnrolleeOrgIdentity email address.

      We have a use case where the EnrolleeOrgIdentity is set based on SAML information (so the email address can be considered 'confirmed-by-upstream-IdP'). However, if we copy that email address to the CoPerson record, but allow modification, we can end up with an unconfirmed CoPerson email address.

      It would be best if the email confirmation step:

      • checks to see if actual confirmation is required (ie: is there any associated email address that is considered unverified)
      • if not, skip the step (proceed to processConfirmation/collectIdentifier)
      • if so, make sure to verify an 'unverified' email address instead of a verified one

      In the situation where the user can enter more than 1 email address the proper solution might be to repeatedly execute sendConfirmation until all associated addresses have been confirmed.

      Attachments

        Issue Links

          Activity

            People

              benn.oshrin@at.internet2.edu Benn Oshrin
              michiel Michiel Uitdehaag (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: