HostT Posted April 9, 2021 Share Posted April 9, 2021 Using the OAuth for users to login to our applications using WHMCS as the authentication provider. This works fine, with the exception of when a user does the SSO process using an additional USER account (user their main WHMCS account). The email address returned in the claim is ALWAYS the CLIENT email address, NOT the actual USER email address. https://developers.whmcs.com/oauth/introduction/ Basically this results in the SSO user claim returning the INCORRECT email for the user actually going through the SSO process. Does anybody know anyway around this or how to fix this? Maybe with the change to user accounts in WHMCS 8.x this wasn't accounted for? I feel like this should be something standard to return the email from the ACTUAL USER logging in through SSO, not the email from the main CLIENT account. I opened a ticket with support and was given the standard canned reply to open a feature request. This is a major issue for me as on our end we can't differentiate between who is logging in through SSO as it always appears to be the main CLIENT account, and not the actual USER. The claim has ZERO information that we could use to differentiate who is logging in. 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.