Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support account self service pages without using SSO session #1860

Closed
mooreds opened this issue Sep 1, 2022 · 6 comments · Fixed by FusionAuth/fusionauth-site#2116
Closed

Support account self service pages without using SSO session #1860

mooreds opened this issue Sep 1, 2022 · 6 comments · Fixed by FusionAuth/fusionauth-site#2116
Assignees
@lyleschemmerling
Labels
architecture Feedback on designed behavior enhancement New feature or request
Projects
FusionAuth Issues
Milestone
1.45.0

Comments

@mooreds
Copy link
Collaborator

mooreds commented Sep 1, 2022
edited by robotdan

Support account self service pages without using SSO session

Problem

I want to use the self service account management pages (or let my users do so) without requiring them to check the "remember me" checkbox. Requiring that is unintuitive.

Solution

As mentioned here, use a separate session. Perhaps the account self service pages are a special application like the FusionAuth admin UI is?

Alternatives/workarounds

  • don't use account self service
  • require "remember me" to be checked (as a hidden value) and accept security issues around that (what if I'm logging in on library computer and forget to log out)

Additional context

Came up here: #1843 and on a customer call.

Related

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
@mooreds mooreds mentioned this issue Sep 1, 2022
Closed
@robotdan
Copy link
Member

robotdan commented Sep 6, 2022
edited

Is this the same as #1546?

@mooreds
Copy link
Collaborator Author

mooreds commented Sep 6, 2022

@robotdan according to #1546 (comment) this behavior is "working as designed"

I thought it'd be useful to do as suggested in that comment:

If you want to de-couple this feature from SSO, you could open a request to use a separate session, or to take a JWT issued from your application as authorization. Or we could convert this issue into a feature request.

Since we didn't convert the feature into a feature request.

@robotdan
Copy link
Member

robotdan commented Sep 6, 2022

Ah, ok. Thanks, I'll close out #1546 and we can track the feature request here.

@robotdan robotdan added enhancement New feature or request architecture Feedback on designed behavior labels Sep 6, 2022
@adambowen
Copy link

This seems to imply that either the "remember me" functionality can be used OR the "self service account management" pages can be used, but a system that implements both will present a poor experience to the end user. Skipping implementing some of the account management pages (especially the MFA) was something of a driver to move to the premium version for us, and this seems like a fairly large hole in that (premium) functionality!

@lyleschemmerling lyleschemmerling self-assigned this Feb 9, 2023
@robotdan robotdan added this to Backlog in FusionAuth Issues via automation Feb 10, 2023
@robotdan robotdan added this to the 1.44.0 milestone Feb 10, 2023
@robotdan robotdan moved this from Backlog to In progress in FusionAuth Issues Feb 10, 2023
@robotdan
Copy link
Member

Internal:

@robotdan robotdan mentioned this issue Feb 17, 2023
Open
@robotdan robotdan added the architecture-review Ready, but needs internal architecture review label Feb 17, 2023
@andrewpai andrewpai removed the architecture-review Ready, but needs internal architecture review label Feb 17, 2023
@robotdan robotdan removed this from the 1.44.0 milestone Feb 28, 2023
@lyleschemmerling lyleschemmerling moved this from In progress to Code complete in FusionAuth Issues Mar 30, 2023
@lyleschemmerling
Copy link

Internal:

FusionAuth Issues automation moved this from Code complete to Done Mar 30, 2023
@robotdan robotdan moved this from Done to Reviewer approved in FusionAuth Issues Apr 3, 2023
@robotdan robotdan added this to the 1.45.0 milestone Apr 3, 2023
@robotdan robotdan reopened this Apr 3, 2023
FusionAuth Issues automation moved this from Reviewer approved to In progress Apr 3, 2023
@robotdan robotdan moved this from In progress to Reviewer approved in FusionAuth Issues Apr 3, 2023
@lyleschemmerling lyleschemmerling linked a pull request May 8, 2023 that will close this issue
Bootstrap login for self-service account pages documentation FusionAuth/fusionauth-site#2116
Merged
FusionAuth Issues automation moved this from Reviewer approved to Done May 9, 2023
@jobannon jobannon mentioned this issue Jun 1, 2023
Open
@dransome dransome mentioned this issue Sep 22, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lyleschemmerling lyleschemmerling

Labels
architecture Feedback on designed behavior enhancement New feature or request
Projects
FusionAuth Issues
  
Delivered
Milestone
1.45.0
Development

Successfully merging a pull request may close this issue.

Bootstrap login for self-service account pages documentation FusionAuth/fusionauth-site
5 participants
@mooreds @robotdan @adambowen @andrewpai @lyleschemmerling