Add a toggle to turn off automatic user provisioning for SAML.

 






 

 


  Review Request #14394
  —
  Created April 1, 2025 and submitted  — Latest diff uploaded 

 


















 

  

   Information

  





 
 

  david
 









 
 

  Review Board
 









 
 

  release-6.x
 









 
 

  
 









 
 

  
 






 




 

  

   Reviewers

  





 
 

  reviewboard
 









 
 

  
 






 








 





  


 
 

  
This change adds a new configuration toggle for SAML integration to

allow turning off automatic user provisioning. When we first implemented

SSO via SAML, our expectation is that application entitlement would be

managed entirely via the IdP, but that's not always the case. This

change makes it so admins can disable user provisioning during the SAML

authentication flow, allowing them to manage users through other means.


This also fixes up an incorrectly copy/pasted label in the

authentication settings form.

 








  


 
 

  
    

  • Ran unit tests.
    • 

  • Verified that the new setting correctly disabled user provisioning.
    • 


 







 









 





  








 




 







   

    
    
Diff Revision 2 (Latest)



    

 

 

 

 
orig
1
2

 



    


    

      
Commits

      

 

 

  
   First
   Last
  
  Summary
  ID
  Author
 



 
  
   
  
  
   
  
 
 
  
   
    

     Add a toggle to turn off automatic user provisioning for SAML.
     
This change adds a new configuration toggle for SAML integration to
allow turning off automatic user provisioning. When we first implemented
SSO via SAML, our expectation is that application entitlement would be
managed entirely via the IdP, but that's not always the case. This
change makes it so admins can disable user provisioning during the SAML
authentication flow, allowing them to manage users through other means.

Testing Done:
- Ran unit tests.
- Verified that the new setting correctly disabled user provisioning.

    

   
  		
  005d48d5e80c08afcb5158105cba3ae61d905f3c
  David Trowbridge
 




    


    
    

   

  

 









 

  

   
    

     
      
      reviewboard/accounts/sso/backends/saml/forms.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/accounts/sso/backends/saml/sso_backend.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/accounts/sso/backends/saml/views.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/accounts/tests/test_saml_forms.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/accounts/tests/test_saml_views.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/templates/accounts/sso/link-user-provision.html
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/templates/accounts/sso/link-user-provision-disabled.html
     
    

   
  

 










     

    

   

  

  

   
   Loading...