Changing emails to another domain through REST API results in error related to SSO / SAML

XMLWordPrintable

    • Severity 3 - Minor

      Issue Summary

      Changing emails to another domain through REST API results in error related to SSO / SAML
      This is caused by the enforcement of SSO in the Authentication policies.

      This is reproducible on Data Center: no

      Steps to Reproduce

      1. Claim 2 domains in the Organization
      2. Enforce SSO in a particular user through Auth policies
      3. Try to change the email of this user using the public API

      Expected Results

      Should change the user's email.

      Actual Results

      Results in the following error:

      {"key":"forbidden.action","context":{"allowed":false,"reason":{"key":"authPolicy.saml"}},"errorKey":"forbidden.action","errorDetail":{"allowed":false,"reason":{"key":"authPolicy.saml"}}}

      Workaround

      The workaround is to change authentication policies momentarily and disable SSO enforcement.

            Assignee:
            Joel Ryden
            Reporter:
            Andre Borzzatto (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: