Some HD Paris users encountered this issue again

How come? What should I tell them?

changed milestone to %Previously done stuff

By Alexandre on 2020-02-28T10:22:53 (imported from GitLab project)

added 1 deleted label

@alexandre can you paste the screenshot here instead of a screenshot of the screenshot? I would like to see the URL Lory was using.

I checked his redirect_uri, it sounds good: /authorize?redirect_uri=https%3A%2F%2Fapp.paris.happy-dev.fr%2Fadmin&response_type=id_token%20token&display=page&scope=openid&client_id=31de2a1107f54bbaad9333dd63c68113&state=BCZUXcR8na1KM6nPg3eWP5U5NfD78RGlMkhnSyTxNHA&nonce=zkhNMiI_EXWO2OU0Qr9IV2HzNu2prIn4bD6TUYtv1Lc&key=%5Bobject%20Object%5D

@calummackervoy Could you take a look please?

Thinking about it, I believe I caused this bug. Let me explain.

1. I created an admin member to HD Paris so they could fill their members in
2. They did create their members
3. I instructed them to share the reset password link so that every user could create a password and login

I think I missed the fill the preferred app for each user part, mostly because I have never seen it working and because it is not in the Django admin documentation : https://docs.google.com/document/d/1HpIVVv538Tbuu1oyo3hy6cakBsGtw4hiiB_Mz6MfjAM/edit?usp=drivesdk

Could you enlighten me here?

By Alexandre on 2020-03-02T08:39:58 (imported from GitLab project)

I think this is correct, actually- I've requested access to edit so that I can update the documentation which you linked :)

I instructed them to share the reset password link so that every user could create a password and login

Here is your "bug", without a "login" action, your users will not have any redirect_uri.

You need to share them the public app URL, then they can ask for a reset password on the login form.

that also works, which should I put in the documentation @alexandre? one makes the process easier for users, and one makes it easier for the admin

So either we add a preferred app for the user, either we send them the public app URl? I think it can be a good process to always fill the preferred app. From our discussion on federation it looks like it is going to be a center piece. It is maybe safer to always have it completed?

I've updated the list on page 6 and the screen shot on page 8... if it's okay I think we can close the issue?

Yes we can close, I will open other issues dedicated to onboarding Thanks @calummackervoy !

closed