You are viewing limited content. For full access, please sign in.

Question

Question

Laserfiche Cloud email verification and business processes

Laserfiche Cloud Business Processes Forms Administration
Updated February 12, 2024
asked on October 21, 2022 Show version history

We have a business process in our Laserfiche Cloud instance that uses some of the logged in user's information to populate fields in a form, as well as sends an email to the user with the completed form.  If a user has validated their email, the business process works as expected.  If the user has not validated their email, the form does not populate the fields and the email step will error with the error code 

No email recipients are configured or no verified email address is associated with that user [LFF2009-EmailRecipientUnresolved]

After some testing, we confirmed that if the email address is verified, the email will go through and the form fields will populate as expected.

We are trying to find a way to handle this situation in order to avoid any errors in the business process.

Is there a way in a business process to check if a user has verified their email address and send the verification request?

Is there a way to hide forms from users who do not have a verified email address?

For any federated accounts, those emails are known to be valid.  Is there a way to automatically validate these accounts?

How are others solving this issue?

 

Thank you in advance for any suggestions!

Lisa

0 0

Replies

replied on November 10, 2022

It is not possible for business processes to request email verification (and it would be complicated because they'd have to monitor the user and potentially re-send the verification request if the user does not act within 24 hours).

However, we did deploy a fix last week where federated accounts will automatically be marked as verified when registered if the email is one of the mapped attributes in the identity provider. So new users registering after that point will be marked as verified.

For your existing users, you can select the entire user list in your account by clicking the checkbox in the table header:

Then click "Verify email". Don't worry about picking just the users with unverified emails, the functionality does filter down to just the accounts in need of verification. Be aware that given the large number of users in your account, it may be a bit slow to load the confirmation dialog.

 

0 0
replied on October 19, 2023

Does this mean that SSO accounts can be automatically verified without the need to send verification emails out?  I tested the theory and it does not seem to be the case.

1. I checked to see if the email attribute is mapped on our SSO identity provider in LF and AzureAD

2. I setup a new user in AzureAD and added them to the SSO group

3. I registered the user in LF Cloud by importing a csv with their federated user, email, name, etc using the template from the import dialogue

4. The new user was created unverified

5. When I click verify, it sends the verification email to the email address but does not automatically verify based on the mapped identity provider attribute

6. I logged into LF Cloud with the user account and it did not automatically verify the account based on the mapped identity provider attribute.

 

The customer I am working with is wanting to onboard multiple users without the need to manage the email verification step manually with each user.  I am looking for options to accomplish this.

0 0
View 3 previous replies
replied on October 19, 2023

Import will not verify users, but SSO accounts registered through just-in-time provisioning will be verified if the email attribute is mapped in the configuration for their identity provider.

0 0
replied on October 19, 2023

Thanks Miruna,  that verifies what the customer was reporting.  Do you know if there are any future developments on allowing this to be more automated or allow an administrator role to manually verify the email through the interface instead of sending an email?

This seems to come up with every new customer.

 

0 0
replied on October 19, 2023

We do not have plans to allow manual verification by an administrator. But we do have plans to add verification on login if the 3rd party token contains the email claim.

0 0
replied on October 20, 2023

Thanks Miruna,

 

Is there any proposed timeline for the verification on login addition?

 

 

0 0
replied on February 12, 2024

Hello,  

 

Updated question on this.  Would using the SCIM provisioning be the same as JIT for verifying the user based on an email claim mapping?

 

 

0 0
replied on February 12, 2024

Yes, both SCIM and JIT will auto-verify the email address on user creation providedd that the email claims are correctly mapped.

I don't have an ETA on when automatic verification on login for any users who didn't have their claims ready on creation will be ready.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...