Editing SSO overrides


(Karl Romanowski) #1

When the SSO options to override username and name are set to true editing those fields in the Admin UI should be disabled. Any edits there would just be overwritten on the next login anyway.


(Jeff Atwood) #2

Shouldn’t the admin have enough knowledge to expect that to happen?


(Karl Romanowski) #3

Yea but moderators see those too and they would be quite confused as they are likely nontechnical staff.

It’s not a critical issue, “don’t ever push those buttons” can be a part of training.


(Jeff Atwood) #4

It’s not like anything actually bad happens if they do; it’s merely overwritten later on login by the user.


(Karl Romanowski) #5

Worst I can imagine is they change a username to something a new user legitimately owns (and will try to claim on their first SSO login)

I’ll test what happens Monday.


(Felix Freiberger) #6

There’s a good reason to keep these enabled: Discourse doesn’t blindly accept the username provided by SSO; if the username is invalid, it will suggest a modified one. Sometimes, this can get you into weird situations that you can only untangle by manually renaming users.