Handle unregistered users in BearerTokenAuthMechanism #10959
Labels
- FY25 Sprint 9 - FY25 Sprint 9 (2024-10-23 - 2024-11-06)
- FY25 Sprint 10 - FY25 Sprint 10 (2024-11-06 - 2024-11-20)
- GREI Re-arch - Issues related to the GREI Dataverse rearchitecture
- Original size: 50
- Size: 30 - A percentage of a sprint. 21 hours. (formerly size:33)
- SPA.Q4.4 - OIDC login + API authentication
- SPA - These changes are required for the Dataverse SPA
- Type: Feature - a feature request
- User Role: API User - Makes use of APIs
Overview of the Feature Request
Based on the design implemented in the OIDC PoC for the SPA, we need to manage the case in BearerTokenAuthMechanism where there is no registered user account in Dataverse, even though the token is valid in the identity provider.
Different ways to handle this have been discussed, from creating the account transparently to the user to returning some type of response to the API caller indicating that it is necessary to accept the terms of use before registering. This issue therefore involves an initial phase of analysis before implementing the final solution.
In the PoC implemented, we are simply creating the user from the JWT claims if the user is not registered: #10910
What kind of user is the feature intended for?
SPA user / API user
What inspired the request?
What existing behavior do you want changed?
Any brand new behavior do you want to add to Dataverse?
Any open or closed issues related to this feature request?
Are you thinking about creating a pull request for this feature?
Yes
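The two options discussed in the issue (creating the account from the JWT claims, as the PoC does, versus telling the API caller to accept the terms of use and register first) are shown side by side in this added sketch. It is not Dataverse code: the class, enum, exception and method names are hypothetical, the claim names `iss`, `sub` and `preferred_username` are assumed, and the claims are assumed to come from a token that has already been validated against the identity provider.

```java
import java.util.HashMap;
import java.util.Map;
// Added sketch, not Dataverse code: all names here are hypothetical.
public class UnregisteredBearerUserDemo {
    enum Policy { AUTO_PROVISION, REQUIRE_REGISTRATION }
    // Signals "token valid at the IdP, but no local account exists".
    static class RegistrationRequiredException extends Exception {
        RegistrationRequiredException(String msg) { super(msg); }
    }
    // Stand-in user store keyed by issuer + subject ("sub" is only unique per issuer).
    static final Map<String, String> accounts = new HashMap<>();

    // Assumes the token's signature, issuer, audience and expiry were already verified.
    static String resolveUser(Map<String, String> claims, Policy policy)
            throws RegistrationRequiredException {
        String iss = claims.get("iss");
        String sub = claims.get("sub");
        if (iss == null || sub == null) {
            throw new IllegalArgumentException("token lacks iss or sub claim");
        }
        String key = iss + "|" + sub;
        String existing = accounts.get(key);
        if (existing != null) {
            return existing; // registered user: normal path
        }
        if (policy == Policy.REQUIRE_REGISTRATION) {
            // Option 2: no account is created; the caller must register explicitly.
            throw new RegistrationRequiredException(
                "valid token, no account: accept the terms of use and register");
        }
        // Option 1 (the PoC behaviour): create the account from the JWT claims.
        String username = claims.getOrDefault("preferred_username", sub);
        accounts.put(key, username);
        return username;
    }

    public static void main(String[] args) throws Exception {
        Map<String, String> claims = Map.of( // constructed sample claims
            "iss", "https://idp.example.org", "sub", "a1b2c3",
            "preferred_username", "jdoe");
        try {
            resolveUser(claims, Policy.REQUIRE_REGISTRATION);
        } catch (RegistrationRequiredException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        System.out.println("created: " + resolveUser(claims, Policy.AUTO_PROVISION));
        System.out.println("found: " + resolveUser(claims, Policy.REQUIRE_REGISTRATION));
    }
}
```

With a dedicated exception type, the API layer can map the unregistered case to its own response instead of a generic authentication failure.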