Hi Ayesha,
On Tue, Mar 21, 2017 at 11:31 AM, Ayesha Dissanayaka <[email protected]> wrote: > > On Tue, Mar 21, 2017 at 11:15 AM, Isura Karunaratne <[email protected]> > wrote: > >> There is a claim which stored whether the user email verified or not ( >> http://wso2.org/claims/emailVerified). Once the user verified his/her >> email, that calim's value shoudl be "true". If the user changes his/her >> email addresse, he/her has to verify the email again. >> > What if an admin changes a users email? I assume it's same behavior and > user need to verify the email. Until then he/she will not be able to login > to the account. > Admin changes users email and verify email are two seperate steps. It is not requried to deny user login when admin changes users email address. Then the user state will chnages to different state like (UNLOCKED_UNVERIFIED). We only need to lock the user, if admin intiates the verify email flow again. Thanks Isura. > > > -- > *Ayesha Dissanayaka* > Senior Software Engineer, > WSO2, Inc : http://wso2.com > <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> > 20, Palm grove Avenue, Colombo 3 > E-Mail: [email protected] <[email protected]> > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
