Update UserModel with ORCID email on sign in
In an effort to get a verified email address for the user, I would like to propose an enhancement. When signing in with ORCID, the user model should be updated with the primary email address from ORCID.
I think this is a good idea, @vchendrix. With our current ORCID authentication scheme, we may or may not have access to the email address if the user has not made it public. In the future, we could ask ORCID to ask the user for the email address and only allow it to go through on success. This requires use of the ORCID private API, and a refactor of our authentication code. So, some of these changes would likely be on the CN Portal code end of things.
@mbjones I was thinking that we would have the ESS-DIVE users verify their email through ORCID and then make it available to trusted parties, of which DataONE is included. If we have the user do this, do you think you will still need to refactor the authentication code? Thanks!
Trusted parties - Information marked as Trusted parties can be seen by any trusted parties that you have authorized to connect to your ORCID record. These connections require explicit action on your part. You will be asked if you would like to make a specific connection and, once you have confirmed, the trusted party will be able to see information that you have marked as trusted parties access in addition to the information marked as visible by everyone.
You control which trusted organizations and trusted individuals have access to your ORCID record; these are known as trusted parties.
Setting Email to allow access to trusted parties

DataONE is a Trusted Party
DataONE should have access to my email now

Yeah, that might work too. Need to test it.
Support for this feature is under development in the DataONE portal: https://github.com/DataONEorg/d1_portal/issues/3.
It will be implemented as part of the switch to eliminate 3rd party cookies (#1234)
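
An added sketch of the sign-in update discussed in this thread; it is not code from d1_portal or from any participant. It assumes the email section of an ORCID record arrives as JSON with `email`, `primary`, `verified` and `visibility` fields per entry, and uses a hypothetical user dict; the sample data is constructed.

```python
import json

# Constructed sample of an ORCID email section (assumed field names, no real data).
SAMPLE_EMAILS = json.loads("""
{"email": [
  {"email": "old@example.org",  "primary": false, "verified": true, "visibility": "public"},
  {"email": "jane@example.org", "primary": true,  "verified": true, "visibility": "limited"}
]}
""")


def select_orcid_email(email_section):
    """Return the primary, verified address, or None if ORCID exposed none."""
    entries = (email_section or {}).get("email") or []
    for entry in entries:
        if not isinstance(entry, dict):
            continue
        # `is True` rejects missing fields and truthy strings such as "false".
        if entry.get("primary") is True and entry.get("verified") is True:
            address = (entry.get("email") or "").strip()
            if address.count("@") == 1 and not any(c.isspace() for c in address):
                return address
    return None


def update_user_email(user, email_section):
    """Update the hypothetical user dict in place; return True if it changed."""
    address = select_orcid_email(email_section)
    if address is None:
        # The user kept the email private or has not verified it:
        # leave the stored value alone instead of blanking it.
        return False
    if user.get("email") == address and user.get("email_verified"):
        return False
    user["email"] = address
    user["email_verified"] = True
    user["email_source"] = "orcid"
    return True
```

The empty-list case matters most here: it is what the application sees when the user has not shared the address with it, and it must not overwrite an address already on file.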