Feature #15061
Updated by Peter Amstutz almost 6 years ago
Situation: # User has an account on home cluster A. # User goes to cluster B. Instead of logging in with federated identity from cluster A, user logs into a preexisting account and/or accidentally creates a new account. # User now has multiple accounts, but wanted only one account. # UI should guide user to redirect/merge accounts to use the cluster A account consistently. Proposed solution: # When a user logs in / creates an account on cluster A, send a simple request to all clusters in the federation on behalf of the user. This will cause the remote clusters to cache a record of the remote user. # When a user logs in / creates an account on cluster B and the account is inactive, check if there are any cluster A user records with the same email address. # If so, prompt the user to migrate the cluster B user to the cluster A user instead. # User logs in (again) at cluster A and is redirected back to cluster B. The local user account is migrated (setting redirect_to_user_uuid to the cluster A user) the user finishes logging in. Notes: * If the user logs in to cluster B again, the account should be automatically redirected to log in at cluster A. Unfortunately, the user will probably still have to log in twice. * For the case where the user wants cluster B to be the home cluster but there is a remote user from cluster A in the database, provide an alternate flow that sends the user to cluster A to migrate the cluster A account to redirect to the cluster B account. * These are all cases of #13651 with the addition of user accounts identified based on matching email addresses instead of the account merge being initiated by the user. * User interaction will be added to workbench2, includes adding "merge user" flow that exists in wb1 workbench2