Overview:
Currently, any user initiating a first-time SSO login using an identifier that already exists in the custodian org causes an auto-migration of the account from the custodian org to the state tenant. This can cause erroneous migration; to avoid it, the user's acknowledgment is required.
If the user is found to match an account in the custodian org when the user tries to log in via SSO for the first time, the user should be prompted about the existence of the duplicate account and asked whether the account belongs to them.
...
Account auto-merge workflow should be handled securely in the portal front end and portal backend. Currently only the existing users are migrated
Flow chart:
Solution 1:
...
Step 4: The user is allowed to enter the password. If the password is correct, initiate migration of the account; else allow the user to re-enter the password.
Step 5: The user re-enters the password. If the password is correct, initiate account migration; else create a new account for the user.
Solution 2:
Initiate a manual merge flow process for auto-merge as well.
Things to discuss
1) Sending username / phone number / email address as a query parameter
2) Storing the password failure attempts in local storage, as we will have 2 password failure attempts.
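One way to handle both points above, shown as an added example (not the portal's own code): Steps 4 and 5 run against a server-side session keyed by an opaque token, so the identifier never appears in the URL and the two-attempt limit cannot be reset from the browser. All function names, the in-memory Map, the 10-minute lifetime and the verifyPassword callback are assumptions for illustration.

```javascript
// Added example with hypothetical names; not the portal's implementation.
const crypto = require('node:crypto');

const MAX_ATTEMPTS = 2;          // Step 4 plus the re-entry in Step 5
const TTL_MS = 10 * 60 * 1000;   // assumed lifetime of a merge session
const sessions = new Map();      // in-memory stand-in for a server-side store

// Called once the first-time SSO login has matched a custodian account.
// The identifier stays on the server; the browser only gets the token.
function startMerge(identifier, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('hex');
  sessions.set(token, { identifier, failures: 0, expires: now + TTL_MS });
  return token;
}

// verifyPassword(identifier, password) -> boolean is an assumed callback
// standing in for the custodian account's credential check.
function submitPassword(token, password, verifyPassword, now = Date.now()) {
  const s = sessions.get(token);
  if (!s || s.expires < now) {
    sessions.delete(token);
    return { action: 'INVALID_SESSION' };
  }
  if (verifyPassword(s.identifier, password)) {
    sessions.delete(token);      // single use: a replayed token is rejected
    return { action: 'MIGRATE_ACCOUNT', identifier: s.identifier };
  }
  s.failures += 1;               // counted here, not in the browser
  if (s.failures >= MAX_ATTEMPTS) {
    sessions.delete(token);
    return { action: 'CREATE_NEW_ACCOUNT' };
  }
  return { action: 'RETRY_PASSWORD', attemptsLeft: MAX_ATTEMPTS - s.failures };
}
```

The token would travel in a cookie or POST body rather than the query string, which keeps the username, phone number or email address out of browser history and access logs.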
UI Screens
Verify user via email or phone
...