Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Permit multiple login options to the same Dataverse account #3487

Closed
pdurbin opened this issue Nov 22, 2016 · 6 comments
Closed

Permit multiple login options to the same Dataverse account #3487

pdurbin opened this issue Nov 22, 2016 · 6 comments

Comments

@pdurbin
Copy link
Member

pdurbin commented Nov 22, 2016

The original design doc at https://github.com/IQSS/dataverse/blob/4.0/doc/Architecture/auth.md was for "allow multiple logins to map to the same internal system user" but at the "auth branch merge party" in late September 2014 we decided to do away with this concept in fe8e41a. We'd like to at least explore the possibility of reintroducing the idea of permitting multiple login options to the same Dataverse account. The idea is that you could log in with HarvardKey (Shibboleth) or ORCID or a local account and still be "you" in Dataverse.

@pdurbin
Copy link
Member Author

pdurbin commented Jun 28, 2017

I think we want this, but when? Closing until we decide to prioritize it.

@pdurbin
Copy link
Member Author

pdurbin commented Feb 28, 2020

I'm re-opening this because as I mentioned at #6701 (comment) the dream is alive!

Yesterday, I saw this when testing OpenID Connect (OIDC), a next generation repository technology contributed by @poikilotherm in pull request #6433 for Dataverse 4.19: https://ngr.coar-repositories.org/technology/openid-connect/

75449541-25c79200-593b-11ea-859c-3f7ee3ad254a

75450242-6ffd4300-593c-11ea-9020-a6076e65a690

75451344-6aa0f800-593e-11ea-9775-091523829f89

That is to say, in theory, I should be able to log into https://data-beta.fz-juelich.de with any of HarvardKey, ORCID, and GitHub and still be "me" in Dataverse.

This is incredibly exciting! If it works, it has the potential to solve many headaches:

But does it work? Someone should test it. 😄

@pdurbin pdurbin reopened this Feb 28, 2020
@poikilotherm
Copy link
Contributor

poikilotherm commented Feb 28, 2020

I tested this with our installation of Unity IDM, maintained by @apw1388

First let's associate my ORCID account with my company account in the IDM:

add-account-1
add-account-2
add-account-3
add-account-4
add-account-5
add-account-6
add-account-7

Then login to Jülich DATA BETA with ORCID and still have the same user account:

multiway-login-1
multiway-login-2
multiway-login-3
multiway-login-4
multiway-login-5

I'm so happy I can keep promises I made in http://guides.dataverse.org/en/4.19/installation/oidc.html

@poikilotherm
Copy link
Contributor

I'd vote to close this, as this is probably way easier to solve on the OIDC provider level.

@pdurbin
Copy link
Member Author

pdurbin commented Jul 10, 2024

I'm a little nervous that our docs are not at all clear on how to achieve this, though.

Maybe a line or two near a future version of https://guides.dataverse.org/en/6.3/installation/config.html#auth-modes-local-vs-remote-vs-both would help?

@pdurbin
Copy link
Member Author

pdurbin commented Aug 21, 2024

In the future, with the React SPA ( https://github.com/IQSS/dataverse-frontend ) we plan to solve this by having OIDC in the mix.

See the auth doc at https://groups.google.com/g/dataverse-community/c/2hfhWIHQddE/m/hATuWGGSAAAJ for details.

Closing.

@pdurbin pdurbin closed this as completed Aug 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants