Menu
▾
▴
Re: [Unity-idm-discuss] User can not update their email addresses
|
From: Krzysztof B. <kb...@un...> - 2023-04-20 09:22:37
|
Hi Sander, W dniu 18.04.2023 o 11:45, Sander Apweiler pisze: > Hi Krzysztof, > we got the feedback that users where not able to update their email > addresses because they are not validated. We are running unity 3.11.2. > The attribute is verifiableEmail type and self modifiable. The users > are able to enter new email address but when they save them the > attached error is shown. I would assume that a new verification email > send. We don't support such flow, it is pretty risky. Suggested flow is as follows: 1. user adds *another* email, next to the existing one. Confirmation is sent. 2. user confirms the new email address 3. then user can delete the old one This flow ensures that user won't lock herself out, i.e. land in a situation w/o any valid email (what may be a problem in many cases: notifications, system consistency, credential reset). Surely if the flow described above shall be supported, attribute type needs to accept at least 2 values. We can make this more flexible (e.g. have this validation configurable, or more sophisticated, taking into account also email identities of the user), but that would need development. Best, Krzysztof |
