-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Require verified address doesn't work for OIDC identities #246
Comments
I can still reproduce this. Taking a look now. |
Ah, the frontend only sets the hook for the password method. It doesn't for OIDC & Webauthn. So this is just a console issue. |
Don't think it makes sense to fix this in the old UI, when we're going to rewrite this soon. You can use the CLI to set the |
There is a more fundamental issue here too - the verified status is not carried over from the oidc provider. So basically every user is unverified when using social sign in in kratos. |
Related to ory/kratos#3424 |
That issue is now closed in Ory Kratos, is this here then also fixed? |
No, it's just related, but doesn't solve the issue. But this is just a console issue, as right now we're only setting the |
I confirmed that this bug is fixed on production. Closing! |
Preflight checklist
Describe the bug
When
Require Verified Address for Login
is activated, OIDC identities can still login, even if they have not verified their email address yet.Reproducing the bug
Require Verified Address for Login
Relevant log output
No response
Relevant configuration
No response
Version
master
On which operating system are you observing this issue?
Ory Network
In which environment are you deploying?
Ory Network
Additional Context
https://ory-community.slack.com/archives/C02MR4DEEGH/p1676539388349389
The text was updated successfully, but these errors were encountered: