Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

prompt=select_account automatically go to "Other User" when there is no account to choose #7213

Closed
2 tasks done
Congee opened this issue Jan 12, 2024 · 3 comments · Fixed by #7981
Closed
2 tasks done

prompt=select_account automatically go to "Other User" when there is no account to choose #7213

Congee opened this issue Jan 12, 2024 · 3 comments · Fixed by #7981
Assignees
@livio-a
Labels
auth enhancement New feature or request improvement released

Comments

@Congee
Copy link

Congee commented Jan 12, 2024

Preflight Checklist

  • I could not find a solution in the existing issues, docs, nor discussions
  • I have joined the ZITADEL chat

Describe your problem

If you log into zitadel by appending the query parameter prompt=select_account it always shows the account selection page even if there is no account to select. In this case, the user has to choose "Other Account" anyway.
image

Describe your ideal solution

Can we just automatically go the "Other Account" path?

Version

No response

Environment

Self-hosted

Additional Context

No response
@Congee Congee added the enhancement New feature or request label Jan 12, 2024
@hifabienne
Copy link
Member

hifabienne commented Jan 12, 2024
edited

@muhlemmer @livio-a whats your opinion on that?

I am not completely sure, but if I understand the standard specification correct, the account selection should be shown, otherwise an error should be returned.
https://openid.net/specs/openid-connect-basic-1_0.html

@livio-a
Copy link
Member

livio-a commented Jan 22, 2024

I've checked the specs. from what i see the user has to select any account. it does not specify exactly how. as we already allow the other user option, the user has the possibility "select" a none existing session and still be compliant with the specs.
BTW. others (Google, Azure, ...) do the same

i'll move i into the backlog / small issues list

@livio-a livio-a mentioned this issue May 17, 2024
Merged
@livio-a livio-a self-assigned this May 17, 2024
livio-a added a commit that referenced this issue May 21, 2024
@livio-a
fix(login): ignore select_account in case there aren't any session to…
07f91e4 
… choose (#7981)

# Which Problems Are Solved

When poviding `select_account` in an OIDC auth request, ZITADEL would
always show the account selection page even if there aren't any user
sessions to choose and the user would then need to click the `Other
User` button to be presented the login page.

# How the Problems Are Solved

This PR changes the behavior and ignores the `select_account` prompt in
case there aren't any existing user sessions and will directly present
the login page.

# Additional Changes

None

# Additional Context

Closes #7213
@github-actions GitHub Actions
Copy link

🎉 This issue has been resolved in version 2.53.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@livio-a livio-a

Labels
auth enhancement New feature or request improvement released
Projects
Product Management
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(login): ignore select_account in case there aren't any session to choose zitadel/zitadel
3 participants
@Congee @livio-a @hifabienne