Adding Dimuthu

On Wed, Apr 11, 2018 at 3:21 PM, Menaka Jayawardena <> wrote:

> Hi,
> In WSO2 Identity Server, users can be provisioned to the internal User
> store when the users are signing up with social accounts. But in this case,
> the users should always use the social login option to login to the
> application and the identity admins could not manage them as internal users.
> The main idea of this feature is to provision the users with password so
> that a proper user account will be created in the identity server so that
> they can use the user name and password to login and the identity admins
> can manage the users as internal users.
> As per the Flash PC[1], we need to consider following aspects when
> implementing this feature.
> *1. Configuring password provisioning in the IDP level.*
> A new option can be provided in the Just-In-Time Provision section to
> enable/ disable provisioing with password.
> *2. Prompting a page to get the user claims and password*
> When a user is using social sign up, in the sign up flow, new page will be
> shown with the claims. The claims that are retrieved from the social signup
> response will be automatically populated. Users need to fill any mandatory
> claims that are missing in the request as well as they need to provide a
> valid password.
> *3. How multiple social accounts can be associated*This applies when we
> support multiple social signup options (Facebook, Google, Twitter etc).
> When a user has already signed up with one social account, after some
> time, he/she again tries to signup using a different account.
> As different social accounts use differnt ids for users, there shoul be a
> mechanism to map the values to the existing user.
> As a solution for this we can allow users to add their other social
> account details in the user profile. So, when the user is trying to sign up
> using another account he/she will be logged into the existing account.
> *4. What are the user claims that we should retrieve from the social
> account and do we allow users to edit those claims.*
> As we show the claims that are retrieved from the signup request, have to
> decide whether we allow users to modify those details. As per the
> discussion [1] we only allow to edit the exact claims that can be edited in
> the user profile.
> I have written the use cases that will be involved in this use case and
> attached herewith.
> 2F9Ezk_WqC-IAq2vmaJ5bk5j4k/edit?usp=sharing
> Any ideas suggestions are highly appreciated.
> [1] Updated invitation: IS Flash PC @ Mon Apr 9, 2018 1:45pm - 2:30pm
> (IST) (Rapid Response Group)
> Thanks and Regards,
> Menaka
> --
> *Menaka Jayawardena*
> Software Engineer
> WSO2 Inc.
> Phone    : +94 71 350 5470
> LinkedIn :
> Blog       :

*Menaka Jayawardena*
Software Engineer
WSO2 Inc.

Phone    : +94 71 350 5470
LinkedIn :
Blog       :
Architecture mailing list

Reply via email to