Project

General

Profile

Task #8746

Story #8234: Use University of Kansas ORCID membership to support authentication in production environment

Require email address from user when logging in via ORCID

Added by Matthew Jones about 3 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
2018-11-16
Due date:
% Done:

0%

Milestone:
None
Product Version:
*
Story Points:
Sprint:

Description

By switching to the ORCID member API, we can then make attribute requests during the authentication process by asking for information only accessible to trusted organizations. This allows us to ask for a user's email address, even if it has been set to trusted (whereas now we only see the user's public address). This will allow us to ensure that we have a valid email address for all logins. If a user has set their email to 'only me'in their ORCID profile, then we should deny the login and indicate that they need to p=amke their email available to trusted orgs for login to work. See: https://support.orcid.org/hc/en-us/articles/360006897614

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)