[CAL-3600] SAML/SSO idP auto-merging allows slipping of uppercase in email #14833
Assignees
Labels
authentication
area: authentication, auth, google sign in, password, SAML, password reset, can't log in
🐛 bug
Something isn't working
enterprise
area: enterprise, audit log, organisation, SAML, SSO
High priority
Created by Linear-GitHub Sync
Milestone
Comments
alishaz-polymath
added
the
enterprise
dosubot
bot
added
authentication
|
While at it, probably a good idea to improve description for pasting the XML Metadata in the SAML/SSO Setup step |
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When we merge identities in the next-auth-options, if the idP passes email with uppercase characters, it slips the email with uppercase characters and the account merging causes the user's email to be updated with said uppercase characters. This results in a non-usable state of the user's account and in turn creates a new account for the user when attempted to login.
A potential fix is to probably identify the source where email is updated with uppercase and simply force lowercase there.
From SyncLinear.com | CAL-3600
The text was updated successfully, but these errors were encountered: