Handle unregistered users in BearerTokenAuthMechanism
Overview of the Feature Request
Based on the design implemented in the OIDC PoC for the SPA, we need to manage the case in BearerTokenAuthMechanism where there is no registered user account in Dataverse, even though the token is valid in the identity provider.
Different ways to handle this have been discussed, from creating the account transparently to the user to returning some type of response to the API caller indicating that it is necessary to accept the terms of use before registering. This issue therefore involves an initial phase of analysis before implementing the final solution.
In the PoC implemented, we are simply creating the user from the JWT claims if the user is not registered: https://github.com/IQSS/dataverse/pull/10910
What kind of user is the feature intended for? SPA user / API user
What inspired the request?
- https://github.com/IQSS/dataverse-frontend/pull/516
What existing behavior do you want changed?
- BearerTokenAuthMechanism when user is authenticated but not signed up
Any brand new behavior do you want to add to Dataverse?
- BearerTokenAuthMechanism account creation
Any open or closed issues related to this feature request?
- https://github.com/IQSS/dataverse-frontend/pull/516
- https://github.com/IQSS/dataverse/pull/10910
Are you thinking about creating a pull request for this feature?
Yes
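
The two handling options discussed in the overview (creating the account from the JWT claims, or telling the API caller that registration is needed first), as an added sketch that is not Dataverse code or code from the linked pull requests. The class, enum, status and result codes, and the list of required claims are hypothetical, and the token's signature, issuer and expiry are assumed to have been verified before `handle` is called.

```java
import java.util.*;

// Added sketch: every name here is hypothetical, none is a Dataverse class.
public class UnregisteredUserHandling {
    enum Policy { CREATE_FROM_CLAIMS, REQUIRE_REGISTRATION }
    record Result(int status, String code, String userId) {}

    private final Map<String, String> usersBySubject = new HashMap<>(); // stand-in for the user store
    private final Policy policy;

    UnregisteredUserHandling(Policy policy) { this.policy = policy; }

    // 'claims' must come from a token that has already been validated.
    Result handle(Map<String, String> claims) {
        String iss = claims.get("iss"), sub = claims.get("sub");
        if (iss == null || sub == null) return new Result(401, "INVALID_TOKEN", null);
        String key = iss + "|" + sub; // assumption: accounts are keyed by issuer + subject
        String existing = usersBySubject.get(key);
        if (existing != null) return new Result(200, "OK", existing);

        if (policy == Policy.REQUIRE_REGISTRATION) {
            // Valid token, no account: distinct from 401 so the caller can start registration.
            return new Result(403, "REGISTRATION_REQUIRED", null);
        }
        // CREATE_FROM_CLAIMS: refuse to build a partial account from incomplete claims.
        for (String required : List.of("email", "given_name", "family_name")) {
            String v = claims.get(required);
            if (v == null || v.isBlank()) return new Result(403, "MISSING_CLAIM:" + required, null);
        }
        String userId = "user-" + (usersBySubject.size() + 1);
        usersBySubject.put(key, userId);
        return new Result(201, "CREATED", userId);
    }

    public static void main(String[] args) {
        // Constructed claim sets, not taken from a real identity provider.
        Map<String, String> full = Map.of("iss", "https://idp.example", "sub", "abc123",
                "email", "a@example.org", "given_name", "Ada", "family_name", "Lovelace");
        Map<String, String> sparse = Map.of("iss", "https://idp.example", "sub", "zzz999");

        var strict = new UnregisteredUserHandling(Policy.REQUIRE_REGISTRATION);
        System.out.println(strict.handle(full));   // valid token, no account, no auto-creation

        var auto = new UnregisteredUserHandling(Policy.CREATE_FROM_CLAIMS);
        System.out.println(auto.handle(full));     // first call creates the account
        System.out.println(auto.handle(full));     // second call finds it
        System.out.println(auto.handle(sparse));   // claims too sparse to create an account
    }
}
```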