TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-03-01 00:07:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs(technical advisory): add login ui default context (#6695)

Browse Source 
* docs(technical advisory): add login ui default context

* Update docs/docs/support/advisory/a10003.md

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
This commit is contained in:
Livio Spring 2023-10-11 09:20:48 +03:00 committed by GitHub
parent 5bc71f7665
commit f2d1cd2045
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 66 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/docs/support/advisory/a10002.md
View File

@ -6,14 +6,14 @@ title: Technical Advisory 10002
Version: TBD Version: TBD
Date: Calendar week 40/41 Date: Calendar week 44
## Description ## Description
Since Angular Material v15 many of the UI components have been refactored Since Angular Material v15 many of the UI components have been refactored
to be based on the official Material Design Components for Web (MDC). to be based on the official Material Design Components for Web (MDC).
These refactored components do not support dynamic styling, so in order to keep the library up-to-date, These refactored components do not support dynamic styling, so in order to keep the library up-to-date,
the console UI will loose its dynamic theming capability. the console UI will lose its dynamic theming capability.
## Statement ## Statement
@ -23,7 +23,7 @@ As soon as the release version is published, we will include the version here.
## Mitigation ## Mitigation
If you need users to have your branding settings If you need users to have your branding settings
(background-, button-, link and text coloring), you should implemement your (background-, button-, link and text coloring), you should implement your
own user facing UI yourself and not use ZITADELs console UI. Assets like your logo and icons will still be used. own user facing UI yourself and not use ZITADELs console UI. Assets like your logo and icons will still be used.
## Impact ## Impact

46
docs/docs/support/advisory/a10003.md Normal file
View File

@ -0,0 +1,46 @@
---
title: Technical Advisory 10003
---
## Date and Version
Version: 2.38.0
Date: Calendar week 41
## Description
When users are redirected to the ZITADEL Login-UI without any organizational context, they're currently presented a login screen,
based on the instance settings, e.g. available IDPs and possible login mechanisms. If the user will then register himself,
by the registration form or through an IDP, the user will always be created on the default organization.
This behaviour led to confusion, e.g. when activating IDPs on default org would not show up in the Login-UI, because they would still be loaded from the instance settings.
To improve this, we're introducing the following change:
If users are redirected to the Login-UI without any organizational context, they will be presented a login screen based on the settings of the default organization (incl. IDPs).
:::note
If the registration (and also authentication) needs to occur on a specified organization, apps can already
specify this by providing [an organization scope](https://zitadel.com/docs/apis/openidoauth/scopes#reserved-scopes).
:::
## Statement
This change was tracked in the following PR:
[feat(login): use default org for login without provided org context](https://github.com/zitadel/zitadel/pull/6625), which was released in Version [2.38.0](https://github.com/zitadel/zitadel/releases/tag/v2.38.0)
## Mitigation
There's no action needed on your side currently as existing instances are not affected directly and IAM_OWNER can activate the flag at their own pace.
## Impact
Once this update has been released and deployed, newly created instances will always use the default organization and its settings as default context for the login.
Already existing instances will still use the instance settings by default and can switch to the new default by ["Activating the 'LoginDefaultOrg' feature"](https://zitadel.com/docs/apis/resources/admin/admin-service-activate-feature-login-default-org) through the Admin API.
**This change is irreversible!**
:::note
Regardless of the change:
If a known username is entered on the first screen, the login switches its context to the organization of that user and settings will be updated to that organization as well.
:::

18
docs/docs/support/technical_advisory.mdx
View File

@ -68,7 +68,23 @@ We understand that these advisories may include breaking changes, and we aim to
ZITADEL hosted Login-UI is not affected by this change. ZITADEL hosted Login-UI is not affected by this change.
</td> </td>
<td>TBD</td> <td>TBD</td>
<td>Calendar week 40/41</td> <td>Calendar week 44</td>
</tr>
<tr>
<td>
<a href="./advisory/a10003">A-10003</a>
</td>
<td>Login-UI - Default Context</td>
<td>Breaking Behaviour Change</td>
<td>
When users are redirected to the ZITADEL Login-UI without any organizational context,
they're currently presented a login screen, based on the instance settings,
e.g. available IDPs and possible login mechanisms. If the user will then register himself,
by the registration form or through an IDP, the user will always be created on the default organization.
With the introduced change, the settings will no longer be loaded from the instance, but rather the default organization directly.
</td>
<td>2.38.0</td>
<td>Calendar week 41</td>
</tr> </tr>
</table> </table>