Features that will be implemented to enhance FOLIO's ability to support consortia (Phase 2) (UXPROD-4485)

[UXPROD-4406] Ability to login via SSO with ECS enabled Created: 20/Jul/23  Updated: 05/Feb/24

Status: In Progress
Project: UX Product
Components: None
Affects versions: None
Fix versions: Quesnelia (R1 2024)
Parent: Features that will be implemented to enhance FOLIO's ability to support consortia (Phase 2)

Type: New Feature Priority: P2
Reporter: Serhii_Nosko Assignee: Dennis Bridges
Resolution: Unresolved Votes: 0
Labels: LC-priority2, ecs, loc
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Cloners
clones UXPROD-4308 Ability to edit username, "Forgot pas... Closed
Defines
is defined by STCOR-769 Use correct tenantId from response fo... In Progress
is defined by MODCON-78 Add externalSystemId, barcode fields ... Closed
is defined by MODLOGSAML-170 Add support of SSO login in consortiu... Closed
is defined by MODLOGSAML-179 Get acquainted with SAML login flow/c... Closed
is defined by MODUSERS-377 Add externalSystemId, barcode to user... Closed
is defined by MODUSERS-412 Add missed fields to filtering in use... Closed
Relates
relates to RANCHER-900 [SPIKE] IMPLEMENT SSO Functionality |... Closed
Release: Quesnelia (R1 2024)
Epic Link: Features that will be implemented to enhance FOLIO's ability to support consortia (Phase 2)
Back End Estimate: XL < 15 days
Back-End Confidence factor: 80%
Development Team: Thunderjet
PO Rank: 0

 Description   

Current situation or problem:

User must be able to login using SSO in non-ecs enabled FOLIO systems

In scope

Users should be able to login using SSO from central tenant to any member tenant.

Currently mod-login-saml can use of the following fields to search user: 

"barcode", "externalSystemId", "id", "username", "personal.email" depends on how the SAML Identity provider is configured.

By default "externalSystemId" is used.

 

To support working in consortia mode, we need to add fields: externalSystemId and barcode to response of /user-tenant endpoint to be able to search by them.

The potential issue with fields uniqueness is coming here, because only username can be considered now as a unique field across tenants in consortia mode.

Out of scope

 

Use case(s)

 

Links to additional info

see linked document for more details

Questions



 Comments   
Comment by Dennis Bridges [ 21/Jul/23 ]

Serhii_Nosko Thank you for creating this feature. I am still working to confirm whether this will be in scope for the Poppy release. Currently it seems we might be able to defer this so please hold off on continuing to refine this feature until we have a clear answer. Thanks!

cc: Mikita Siadykh 

Comment by Serhii_Nosko [ 08/Sep/23 ]

Stories for mod-users, mod-consortia have been completed for this feature that provides necessary fields in /user-tenant response to search users across modules by mod-login-saml module. Only work in mod-login-saml remained for this feature.

cc: Dennis Bridges 

Comment by Khalilah Gambrell [ 10/Dec/23 ]

Hey Dennis Bridges/Joseph Reimers  is this also a LC requirement? 

Comment by Dennis Bridges [ 14/Dec/23 ]

Khalilah Gambrell yes, they will need this feature completed to use any kind of SSO with ECS. We have updated the labels accordingly. thx!

Generated at Fri Feb 09 00:39:41 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.