Uploaded image for project: 'Identity'
  1. Identity
  2. ID-147

Ability to allow/block use of local credentials for Google linked accounts

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Being able to link a OnDemand account to Google is really useful from an SSO perspective but the full benefits come when you can flow through deactivation of the account. The ability of users with Google linked account to still create an OnDemand password, while necessary for some features (as discussed at https://confluence.atlassian.com/display/AOD/Managing+users+and+groups+with+Google+Apps#ManagingusersandgroupswithGoogleApps-PasswordsandGoogleApps), isn't likely to be required by all users.

      2 Feature requests:

      • there should be a mechanism to indicate that certain user accounts can/can't (I would have a preference for "can" but understand that would potentially break existing configs) use an OnDemand passwords.
      • there should be a mechanism such that when the Google credentials are deactivated, any OnDemand password can no longer be used.
      • there should be a mechanism to search for users that have a OnDemand password
      • there should be a mechanism to remove a user's OnDemand password
      • there should be a mechanism to indicate when a user account last logged in with Google SSO and with OnDemand password

      Attachments

        Activity

          People

            Unassigned Unassigned
            ffd029bf4191 David Ferguson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: