Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: 2.12.0 GA
Component/s: System
Labels:
- SSO
- support
- triaged

Blocked:
False
Blocked Reason:
None
Ready:
False
3Scale PT Tested upstream:
Not Started
3scale PT Docs:
Not Started
3scale PT Product Specs:
Not Started
3scale PT Product Update Ready:
Not Started
3scale PT Released In Saas:
Not Started
3scale PT Verified Product:
Not Started
Steps to Reproduce:
Hide

The attribute Email Verified disabled for the user in RH-SSO try to login into Admin Portal using RH-SSO (Authenticate through <> Red Hat Single Sign-On) for the first time (the URL must be "https://<ADMIN_PORTAL_URL>/p/sessions/new"). When entering the user RH-SSO credentials it must returns the error Your account isn't active or hasn't been approved yet.. The URL content will be something like:
https://<ADMIN_PORTAL_URL>/auth/keycloak_807ec359d602/callback?session_state=592ecf35-2081-4635-a1a7-85972b083d74&code=7afed289-29d2-4eeb-bdce-3c04bdf72481.592ecf35-2081-4635-a1a7-85972b083d74.2ac64915-2059-4cc0-8fce-dfc2add95ca5

Try to login into Admin Portal using RH-SSO (Authenticate through <> Red Hat Single Sign-On) for the second time and the page will be refreshed showing the error The code is incorrect or expired.. The URL content will be something like:
https://<ADMIN_PORTAL_URL>/auth/keycloak_807ec359d602/callback?session_state=592ecf35-2081-4635-a1a7-85972b083d74&session_state=592ecf35-2081-4635-a1a7-85972b083d74&code=ee4e3937-6517-4bcc-a687-9f607692e78c.592ecf35-2081-4635-a1a7-85972b083d74.2ac64915-2059-4cc0-8fce-dfc2add95ca5
Show
The attribute Email Verified disabled for the user in RH-SSO try to login into Admin Portal using RH-SSO ( Authenticate through <> Red Hat Single Sign-On ) for the first time (the URL must be " https://<ADMIN_PORTAL_URL>/p/sessions/new "). When entering the user RH-SSO credentials it must returns the error Your account isn't active or hasn't been approved yet. . The URL content will be something like: https://<ADMIN_PORTAL_URL>/auth/keycloak_807ec359d602/callback?session_state=592ecf35-2081-4635-a1a7-85972b083d74&code=7afed289-29d2-4eeb-bdce-3c04bdf72481.592ecf35-2081-4635-a1a7-85972b083d74.2ac64915-2059-4cc0-8fce-dfc2add95ca5 Try to login into Admin Portal using RH-SSO ( Authenticate through <> Red Hat Single Sign-On ) for the second time and the page will be refreshed showing the error The code is incorrect or expired. . The URL content will be something like: https://<ADMIN_PORTAL_URL>/auth/keycloak_807ec359d602/callback?session_state=592ecf35-2081-4635-a1a7-85972b083d74&session_state=592ecf35-2081-4635-a1a7-85972b083d74&code=ee4e3937-6517-4bcc-a687-9f607692e78c.592ecf35-2081-4635-a1a7-85972b083d74.2ac64915-2059-4cc0-8fce-dfc2add95ca5

SFDC Cases Counter:
SFDC Cases Links:

Description

When a RH-SSO new user with Email Verified attribute disabled authenticate into Admin Portal, it get the message that the account isn't active or approved yet. If he tries to authenticate again, it gets a code incorrect or expired.

Workaround:

Enable the Email Verified attribute for the user in RH-SSO
login into Admin Portal using RH-SSO (Authenticate through <> Red Hat Single Sign-On) for the first time (the URL must be "https://<ADMIN_PORTAL_URL>/p/sessions/new")

Attachments

Activity

People

Assignee:: Ernani Azevedo

Reporter:: Ernani Azevedo

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2022/08/09 8:42 PM

Updated:: 2023/02/06 10:07 AM