LG-15121 Add a post_idv_follow_up_url configuration to service providers
#11591
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ders We have been working through issues with a service provider who has observed that users do not return to their SP after entering their mailed code. We identified an opportunity to provide users with a direct link back to the SP to re-initiate their session if they complete an out-of-band session. This commit adds a `post_idv_followup_url` to the SP configuration for this purpose. This URL is used in the `account_verified` email if it is present. In future commits we plan to add a CTA after the user enters a mailed code and to the account page if the user has not connected their account. The service provider we are working with has concerns about showing the user the correct locale in this case. For this reason the locale is included as a query param. This change should not impact SPs that do not have a `post_idv_followup_url` configured. [skip changelog]
jmhooper
added a commit
that referenced
this pull request
Dec 5, 2024
… code In #11591 we added a `post_idv_follow_up_url` that allows users to return to a service provider after finishing verification out-of-band. This commit puts this new URL to work in the verify-by-mail code. After this commit user's who enter a verify-by-mail code without an SP in their session will see a new SP follow-up screen. This screen includes a CTA that prompts the user to connect their account to the service provider they started proofing with. This link leads to the new post-IdV follow-up URL. changelog: User-Facing Improvements, Verify-by-mail, A CTA was added to prompt users to return to the service provider after verify-by-mail
zachmargolis
approved these changes
Dec 5, 2024
jmhooper
added a commit
that referenced
this pull request
Dec 5, 2024
… code In #11591 we added a `post_idv_follow_up_url` that allows users to return to a service provider after finishing verification out-of-band. This commit puts this new URL to work in the verify-by-mail code. After this commit user's who enter a verify-by-mail code without an SP in their session will see a new SP follow-up screen. This screen includes a CTA that prompts the user to connect their account to the service provider they started proofing with. This link leads to the new post-IdV follow-up URL. changelog: User-Facing Improvements, Verify-by-mail, A CTA was added to prompt users to return to the service provider after verify-by-mail
jmhooper
changed the title
post_idv_followup_url configuration to service providerspost_idv_follow_up_url configuration to service providers
mitchellhenke
pushed a commit
to 18F/identity-dashboard
that referenced
this pull request
Dec 6, 2024
In 18F/identity-idp#11591 we added a new attribute named `post_idv_follow_up_url` to service providers. This attribute represents a URL that is displayed to to users when they have finished proofing but have not gone back to sign in to a service provider. This commit adds this new URL to the dashboard so that service provider maintainers can configure this value for their applications.
jmhooper
added a commit
to 18F/identity-validations
that referenced
this pull request
Dec 6, 2024
In 18F/identity-idp#11591 we added a new `post_idv_follow_up_url` to the service provider. In https://gitlab.login.gov/lg/identity-dashboard/-/merge_requests/163 we are making that configurable by service provider maintainers. This commit helps that effort by adding URI validations to this new field. This will help ensure that it has a valid value everywhere we expect.
jmhooper
added a commit
to 18F/identity-validations
that referenced
this pull request
Dec 6, 2024
* Add `post_idv_follow_up_url` to URI validations In 18F/identity-idp#11591 we added a new `post_idv_follow_up_url` to the service provider. In https://gitlab.login.gov/lg/identity-dashboard/-/merge_requests/163 we are making that configurable by service provider maintainers. This commit helps that effort by adding URI validations to this new field. This will help ensure that it has a valid value everywhere we expect.
jmhooper
added a commit
that referenced
this pull request
Dec 9, 2024
… code (#11602) In #11591 we added a `post_idv_follow_up_url` that allows users to return to a service provider after finishing verification out-of-band. This commit puts this new URL to work in the verify-by-mail code. After this commit users who enter a verify-by-mail code without an SP in their session will see a new SP follow-up screen. This screen includes a CTA that prompts the user to connect their account to the service provider they started proofing with. This link leads to the new post-IdV follow-up URL. changelog: User-Facing Improvements, Verify-by-mail, A CTA was added to prompt users to return to the service provider after verify-by-mail
mitchellhenke
pushed a commit
to 18F/identity-dashboard
that referenced
this pull request
Dec 9, 2024
* update identity-validations tag * fix broken sp controller test * update identity validations * Add a `post_idv_follow_up_url` configuration to service providers In 18F/identity-idp#11591 we added a new attribute named `post_idv_follow_up_url` to service providers. This attribute represents a URL that is displayed to to users when they have finished proofing but have not gone back to sign in to a service provider. This commit adds this new URL to the dashboard so that service provider maintainers can configure this value for their applications.
jmhooper
added a commit
that referenced
this pull request
Dec 11, 2024
…s into URLs In #11591 we added a `post_idv_follow_up` URL in response to issues we were having getting users for a particular partner to return to their SP. This partner expressed concerns about have the appropriate locale for these users since they are returning to the partner without initiating a session at the partner. The original implementation for the change in #11591 included a locale param on the `post_idv_follow_up` URL. After some discussion with other engineers we identified that this pattern of hardcoding a param onto a single service providers was undesirable. This commit introduces the ability to include templateable values in these URLs and introduces the locale as one of those values. changelog: Internal, SP Configuration, Add the ability to specify a locale in a redirect URL
jmhooper
added a commit
that referenced
this pull request
Dec 11, 2024
…s into URLs In #11591 we added a `post_idv_follow_up` URL in response to issues we were having getting users for a particular partner to return to their SP. This partner expressed concerns about have the appropriate locale for these users since they are returning to the partner without initiating a session at the partner. The original implementation for the change in #11591 included a locale param on the `post_idv_follow_up` URL. After some discussion with other engineers we identified that this pattern of hardcoding a param onto a single service providers was undesirable. This commit introduces the ability to include templateable values in these URLs and introduces the locale as one of those values. changelog: Internal, SP Configuration, Add the ability to specify a locale in a redirect URL
jmhooper
added a commit
that referenced
this pull request
Dec 12, 2024
…s into URLs (#11620) * LG-15237 Allow the SP return URL resolver to interpolate locale values into URLs In #11591 we added a `post_idv_follow_up` URL in response to issues we were having getting users for a particular partner to return to their SP. This partner expressed concerns about have the appropriate locale for these users since they are returning to the partner without initiating a session at the partner. The original implementation for the change in #11591 included a locale param on the `post_idv_follow_up` URL. After some discussion with other engineers we identified that this pattern of hardcoding a param onto a single service providers was undesirable. This commit introduces the ability to include templateable values in these URLs and introduces the locale as one of those values. changelog: Internal, SP Configuration, Add the ability to specify a locale in a redirect URL
mitchellhenke
pushed a commit
to 18F/identity-dashboard
that referenced
this pull request
Dec 16, 2024
* update identity-validations tag * fix broken sp controller test * update identity validations * Add a `post_idv_follow_up_url` configuration to service providers In 18F/identity-idp#11591 we added a new attribute named `post_idv_follow_up_url` to service providers. This attribute represents a URL that is displayed to to users when they have finished proofing but have not gone back to sign in to a service provider. This commit adds this new URL to the dashboard so that service provider maintainers can configure this value for their applications.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We have been working through issues with a service provider who has observed that users do not return to their SP after entering their mailed code or passing fraud review. We identified an opportunity to provide users with a direct link back to the SP to re-initiate their session when they complete out-of-band proofing.
This commit adds a
post_idv_followup_urlto the SP configuration for this purpose. This URL is used in theaccount_verifiedemail if it is present. In future changes we plan to add a CTA after the user enters a mailed code and to the account page if the user has not connected their account.The service provider we are working with has concerns about showing the user the correct locale in this case. For this reason the locale is included as a query param.
This change should not impact SPs that do not have a
post_idv_followup_urlconfigured.