I have a parent account in Sendgrid. I have created 2 sub users. One for each environment (Dev and Test). Each sub user has its own API Key for sending emails.
Now when i try to onboard users i am trying to use SSO Teammate. But when i add the teammate (already in Dev) to Test sub user, its throwing an error
The email you are assigning as the SSO Teammate's username already belongs to an existing user. You will need to delete the conflicting user or modify the existing username so that this SSO teammate can be created.
But the teammate's id is only added to another sub user(Dev). Its not there in the parent account. Is this a wrong way of handling teammates in SendGrid?
Basically we want to separate users in each environment and provide them different access in each sub user (account)
Related
We are using GitHub Enterprise 2.5.1.
In our company, when a user switches to a new role, a new AD account will be created for him, with a new set of permissions. e.g. my current account is "huj" as a developer with email address "Jirong_Hu#otpp.com, if I become a BA, then:
The old account "huj" will be marked as "OIM Deletion" in AD.
A new account called "huj2" will be created for me, with the same old email address, Jirong_Hu#otpp.com.
My questions are:
As account is automatically created upon login, if I login to GitHub with the new account "huj2", I got this error: Unable to create the user because email Jirong_Hu#otpp.com is already taken and emails is invalid.
How can I create the new account "huj2" in GitHub, with the same old email address.
What's the consequence of doing the above?
I know this is an old post but it still shows at the top on a Google search on this subject.
Some email providers support using special characters to use multiple email addresses that map to a single account.
For example, if you use Gmail and your email address is myemail#gmail.com and you already have an account on GitHub with that email you can create a new GitHub account using myemail+1#gmail.com
The simple answer is NO.
You can't create more than 1 ID in GitHub by the same email, but you can do it by using multiple email IDs.
If you try to do it, GitHub will show an error - "email invalid or already taken", so delete the present account or make it with a new email id .
There are two ways to resolve this issue:
If the existing user has no activity, then delete this existing account.
Otherwise change his email to something else, then when the new user logs in, a new account will be created.
I'm part of a GitHub organization developing a FOSS project. I'd like to run CI tests on Windows using AppVeyor. Currently I see my own fork of the project, and some other forks from people who have named me collaborator in GitHub. I don't see the upstream of the project, though. Apparently me being an administrator of the GitHub organization isn't enough to offer access to it in AppVeyor. But probably setting this up under my account would be the wrong approach anyway. Probably this should be under the name of the organization.
Towards that end, I'd like to have an AppVeyor account for this organization, with suitable permissions for its members. Reading http://www.appveyor.com/docs/team-setup it sounds as if AppVeyor could distinguish between users (with unique email and password) and accounts (to which projects belong), and a single user apparently can belong to multiple accounts while one account can have multiple users with different roles. In that sense, I'd like to create a new account without creating a user for it. Instead I as an existing user, identified by GitHub login, would like to become the first administrator of this new account, and ready to change settings and add more users. How do I do this?
You can't create a new account without a user. Just use some your email/password to create an account, then add existing user as collaborator.
I have an account setup exactly the way I'd like a number of individuals accounts setup and I'd like to create them as clones of this account so the get the initial set of permissions without me having to manually set all the permission on each account.
Note: It is fine (ideal?) if once the accounts are created that they no longer have a relationship with the original account. For instance, if User A is the base account that is being used to create all the other accounts, once User B is made from User A then all further changes on User A will not be reflected on User B.
Any ideas?
In answer to your question: no, there is no clone/copy user feature in the User Editor in Sitecore.
It sounds like you would be better off creating a role with all these permissions, then assigning this role to any new users you create. You could then modify the permissions of the individual users as necessary.
Note this would not be the ideal solution as it's always better to apply security to roles rather than individual users.
Perhaps you could achieve what you need by creating a collection of roles and assigning different combinations of them to each user?
Try installing this Sitecore Module.This will clone the user in User Manager
SITECORE USER CLONE
Sitecore User Clone is used to create the copy of the user with the same roles, name, email, and profile. It will prompt to accept the new username, password and all the editable fields same like Edit user.
My question is almost the same as this one
only difference is that users has an option to register (provides his username and password).Users should only have one account registered, if the user has the same email I merged those accounts. and my application has another method for logging in which is via Facebook.
What I basically do is
When The User visits the for site for the first time, he or she then
gets created a User Account where the it only has Username ,password
and mail address after that third-party identity record is created
and then paired with the local account.however the Users table will
have an empty Username and password, but the email will be filled
with the users email that we have retrieved from the third party
service provider
And the Second Scenario
Users attempts Register to the site. check if email exist if the
email exist but it is registered using a third party account, Use
the user populated form and insert it to the user account paired
with the third party account, in short if the users email exist in the database I
will just merged the locally created account and the third party
account.
Now my question is my approach secure and credible? if not what is the best way to merge accounts and at the same time if the user registers with the same email(the one from the third party account) and he has a third party account, those account would be merge?
The way I look at this, there is only one account. One email, one account period. There might be various attributes associated with that account, like for e.g. linked to a set of OAuth credentials etc. But fundamentally there is only one account. If your user has registered once using a social account and then try to register again on your site, send them over to the social site which they used to register the first time and ask them to login there. Then log them into your site automatically. If the user has an account with your site and then tries to register again with a social account, tell them that you already have an account on the site and ask them to login. IMHO, keeping separate accounts and trying to merge them is a messy idea.
I would provide two sets of behavior, one when logged in and one when logged out.
When logged in, you provide the ability to link to new third-party accounts. For example, you sign up with email address and password, then log in, then you can link your Facebook account. To link your Facebook account you authorize with Facebook and then store the Facebook information in that user account record.
When logged out, you must log in with existing credentials. If, when logged out, you try to create an account with an existing email address, you either prevent the log in, saying "an account with that email address already exists", or you immediately challenge the user to log in to merge the account (in which case it works like the logged in case when linking an external account, only with the order of authentication operations reversed).
In case it's not clear from the above, I recommend having a single user account and a way to record linkages between that account and external accounts. You can do this in NoSQL buy just adding fields to the user document or you can do this relationally by having a table representing external accounts with a foreign key linking them to the user ID.
Beware not to use oAuth 2.0 !
The lead author himself resigned as it's not as safe as the 1.0 version.
You should prefer oAuth 1.0 or OpenID.
You can also have a look at Persona from Mozilla
I have a project where I am using Selenium to test the Facebook auth. I created a Facebook app, created a test user inside this app and created some tests using Facebook login. Until now, it was working. But during the last two weeks something changed in Facebook and my tests are failing. It is due to interface changes in permissions dialog (I am targeting the button by his id). The second problem is that I don't get the email address from Facebook test user but a proxy email which is longer than 75 characters (my db field length is hardcoded in framework I am using).
If I log in as a regular user, it is working correctly and I get this permission box:
But when I log in as the test user I created (via 'switch to' in app's developer roles), I get this box:
I tested it ~2 weeks ago and this was yet working. Today it is changed. So my questions:
How to get back the old permissions box for test users?
How can I get the real email address and not the proxy?
Thanks!
I experienced the same problem with the Auth Dialog. I tried it with some old and new apps with various settings including March/Apr. 2013 Breaking Changes enabled/disabled, but it didn't help.
However, I guess I can help you with the email problem. When you login as a test user and go to account settings page, you will see the test user's primary email addres. By default this should be a really long one like the image I attached.
Facebook Platform returns this primary email address. If you pass the Auth Dialog with your test user account and see the privacy setting page, you will find the default primary email address is shared with the app. You have to provide a new email address for the test user and set the new one as primary email address via account setting page.
Why is the Login Dialog different with a test user?
With your test user, you can see the future of login dialogs. In fact, this isn't "not working" but this is an update which was unveiled on December 2012. Let me quote:
Our Login dialogs have undergone a redesign to make it easier to
understand permissions that apps request. We've simplified
presentation and have also updated our language for greater clarity.
“Basic info” has been renamed to “public profile and friend list,” to
reflect what what is being shared. Apps accessing your public profile
get your name, profile picture, age range, gender, language, country
and other public information.
Source: Providing People Greater Clarity and Control, developers.facebook.com/blog
The reason why you don't meet this update with a regular user, is that Facebook doesn't use to update everyone at the same time. They partially launch updates depending on the country, the type of account or some other parameters I ignore.
Example of a partial update (unified_message FQL table) dedicated to developer accounts:
We are providing early access to this API for registered developer
accounts only until the new messaging system is broadly available. You
should use the message table for production applications at the
current time.
In our case, we now know that test users can access to the update, but it is also said:
We have already launched many of these improvements as part of our
iOS6 integration and are now rolling them out more broadly.
About proxy emails
In fact, proxy emails are a way for any users to keep their real email anonymous. You have to consider proxy emails.
When joining an app, the user can choose between a real email and a proxy email:
Other thing you need to expect are users who didn't validate their account when connecting to your app, a case which is possible as described here and here.
Then, why do test users give back a proxy email? Because test users (being bots and having fake emails) didn't validate their emails.
You see that in at least 3 cases (and finally, test users are a good example), you need to handle these proxy emails. They are incidentally or accidentally met by developers and they can't be neglected. For your case, you can still try to disallow tests users who have a proxy email from accessing your app. But you should accept them and shouldn't force them to share their original e-mail addresses. A better solution is that you validate the test users emails:
Connect to the test user account that gives a proxy email
Add an email address (password needed here),
Go to the email mailbox and click on the validation link,
Set the new email address as primary,
The test user should now give his original email and not a proxy anymore!