wildebeest

wildebeest copied to clipboard

It is common after a client requests authorization, before the authorization completes, the instance has a screen showing that a client is requesting certain oauth permissions of an account, and the user needs to manually confirm the authorization.

Current behaviour The entire authorization flow completes by itself.

Expected behaviour An example of such screen from Mastodon. Besides asking the user to confirm permissions, one can also choose to logout of current account and login to another one if needed, which currently is not possible. Also in case several emails/accounts are added into Zero Trust, it is unclear under which account is currently logged into. For this, it is beneficial to also add logged in email/account to the user sign up page as well to prevent possible confusion.