Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Usecase: Map identity to a user profile #22

Open
servilla opened this issue Jan 10, 2024 · 0 comments
Open

Usecase: Map identity to a user profile #22

servilla opened this issue Jan 10, 2024 · 0 comments
Assignees
@servilla
Labels
SPU Seattle Public Utilities usecase User scenario description in high-level english

Comments

@servilla
Copy link
Collaborator

servilla commented Jan 10, 2024
edited by rogerdahl
Loading

Allow a user to map multiple identities to the same profile.

Story: User/Group Management and Microsoft SSO #3

Goal:
Allow a user to map multiple authentication identities to a single PASTA user profile.

Actors:

  1. User
  2. System

Prerequisites:

  1. User "A" profile exists in the system and has relationship with identity "A".
  2. User "A" has never authenticated to system with identity "B".
  3. Identity "A" and identity "B" are for the same user.

Actions:

  1. User "A" authenticates into system with identity "A".
  2. User "A" selects "manage user profile" menu.
  3. System displays "manage user profile" menu items.
  4. User "A" selects "map identity" menu item.
  5. System requests User "A" to authenticate with identity "B".
  6. User "A" authenticates using identity "B".
  7. Auth returns affirmation of authentication with identity "B".
  8. System creates and stores identity "B" (UID of identity assertion) in authentication record.
  9. System creates relationship between identity "B" and user profile "A".

Alternate 1:

Prerequisites:

  1. User "A" exists in the system and has relationship with identity "A".
  2. User "B" exists in the system and has relationship with identity "B".
  3. Identity "A" and identity "B" are for the same user.

Actions:

  1. User "A" authenticates into system with identity "A".
  2. User "A" selects "map identity" menu item.
  3. System requests User "A" to authenticate with identity "B".
  4. User "A" authenticates using identity "B".
  5. Auth returns affirmation of authentication with identity "B".
  6. System finds authentication record of identity "B" (UID of identity assertion).
  7. System finds relationship between identity "B" and user profile "B".
  8. System alerts user that mapping identity "B" to user profile "A" will remove user profile "B" from system.
  9. User confirms mapping.
  10. System creates relationship between identity "B" and user profile "A".
  11. System removes user profile "B".

Notes:

  1. Creating a user profile will likely include storing user and authentication information, and storing each set of information in a database table makes the most sense. There is an expectation that an individual will have the opportunity to authenticate with multiple IdPs and will want the same user profile to be active regardless of IdP used to authenticate. It is, therefore, reasonable to have a relationship cardinality of many auth entries to one user profile entry.
  2. An authentication identity can only be mapped to one user profile at a time.

image

Mockups:

Image
Image
@servilla servilla self-assigned this Jan 10, 2024
@servilla servilla added usecase User scenario description in high-level english SPU Seattle Public Utilities labels Jan 10, 2024
@servilla servilla moved this to Usecase in Consolidated Issues Jan 10, 2024
@servilla servilla mentioned this issue Jan 10, 2024
Open
@servilla servilla changed the title Usecase: Map user identities Usecase: Map user identities to a single profile Jan 10, 2024
@servilla servilla changed the title Usecase: Map user identities to a single profile Usecase: Map identity to a user profile Apr 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@servilla servilla

Labels
SPU Seattle Public Utilities usecase User scenario description in high-level english
Projects
Consolidated Issues
Status: Usecase
Milestone
No milestone
Development

No branches or pull requests
1 participant
@servilla