Jump to content

OAuth Claim email is incorrect


HostT

Recommended Posts

Using the OAuth for users to login to our applications using WHMCS as the authentication provider.  This works fine, with the exception of when a user does the SSO process using an additional USER account (user their main WHMCS account).  The email address returned in the claim is ALWAYS the CLIENT email address, NOT the actual USER email address.

https://developers.whmcs.com/oauth/introduction/

Basically this results in the SSO user claim returning the INCORRECT email for the user actually going through the SSO process.

Does anybody know anyway around this or how to fix this? 

Maybe with the change to user accounts in WHMCS 8.x this wasn't accounted for?  I feel like this should be something standard to return the email from the ACTUAL USER logging in through SSO, not the email from the main CLIENT account.

I opened a ticket with support and was given the standard canned reply to open a feature request.  This is a major issue for me as on our end we can't differentiate between who is logging in through SSO as it always appears to be the main CLIENT account, and not the actual USER.  The claim has ZERO information that we could use to differentiate who is logging in.

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated