Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hide Unconfigured SSO Options on Homepage #1688

Open
Ereaey opened this issue Apr 15, 2024 · 6 comments
Open

Hide Unconfigured SSO Options on Homepage #1688

Ereaey opened this issue Apr 15, 2024 · 6 comments
Labels
good first issue Good for newcomers

Comments

@Ereaey
Copy link

Ereaey commented Apr 15, 2024

Feature Description

Currently, all Single Sign-On (SSO) options are displayed on the homepage, including those that are not configured. The feature should ensure that only configured and operational SSO options are visible to users. Unconfigured SSO options should not appear on the homepage to avoid confusion and unsuccessful login attempts.

Why Would It Be Useful?

This feature would improve user experience by displaying only relevant and functional login methods, making the login process clearer and faster. It would also reduce technical support queries from users attempting to use unconfigured SSO methods. Additionally, it would enhance the overall usability and professionalism of the Infisical platform by preventing user frustration and potential security concerns.

Additional Context

This adjustment requires changes in both the SSO configuration management system and the homepage's UI rendering logic. Considerations need to be made for:

  • An option in the system settings to enable or disable this feature, providing flexibility for administrators ?

Implementing this feature would involve checks during the homepage loading process to determine which SSO methods are configured and modifying the UI to display only those methods.
@DanielHougaard
Copy link
Collaborator

I think this is a great idea!

I would envision an implementation that uses the existing /api/v1/admin/config endpoint to return fields like isLdapConfigured, isGoogleOauthConfigured etc. And then render the sign-in options depending on which are configured.

@dangtony98, what do you think of this?

@maidul98
Copy link
Collaborator

@DanielHougaard yes, this is a great idea

@Ereaey
Copy link
Author

Ereaey commented Apr 16, 2024

I don't know if we can add it to this request but deactivating authentication by email (using an environment variable to avoid problems in production in the event of an SSO problem) could be useful also to force the use of sso.

@DanielHougaard
Copy link
Collaborator

DanielHougaard commented Apr 16, 2024
edited

I don't know if we can add it to this request but deactivating authentication by email (using an environment variable to avoid problems in production in the event of an SSO problem) could be useful also to force the use of sso.

I would add a separate proposal for that. This is a lower priority than hiding unconfigured SSO login methods though.

@DanielHougaard DanielHougaard added the good first issue Good for newcomers label Apr 16, 2024
@OneFriendlyCoder
Copy link

Hi everyone, I was thinking of conditional rendering the Login UI based on the env variables. Will check if the env variable values are not empty and then based on that render the signIn options?

@OneFriendlyCoder
Copy link

image

Something like this fix in the InitialSignupStep.tsx would conditionally render the SignIn options based on the creds. Do let me know if this is a right direction to proceed with or any other approach is required.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@maidul98 @Ereaey @DanielHougaard @OneFriendlyCoder