chatwoot

mirror of https://github.com/chatwoot/chatwoot.git synced 2026-06-04 21:02:35 +08:00

History

Shivam Mishra 550b408656 fix: restrict existing user sign-in to account members (#13793 ) SAML sign-in now only links an existing user when that user already belongs to the account that initiated SSO. New users can still be created for SAML-enabled accounts, and invited members can continue to sign in through their IdP, but SAML will no longer auto-attach an unrelated existing user record during login. What changed - Added an account-membership check before SAML reuses an existing user by email. - Kept first-time SAML user creation unchanged for valid new users. - Added builder and request specs covering the allowed and rejected login paths.	2026-03-13 12:22:25 +05:30
..
agent_builder_spec.rb	feat: setup invite to handle SAML enabled account [CW-5613] (#12439 )	2025-09-17 19:33:38 +05:30
saml_user_builder_spec.rb	fix: restrict existing user sign-in to account members (#13793 )	2026-03-13 12:22:25 +05:30

fix: restrict existing user sign-in to account members (#13793 )

SAML sign-in now only links an existing user when that user already
belongs to the account that initiated SSO. New users can still be
created for SAML-enabled accounts, and invited members can continue to
sign in through their IdP, but SAML will no longer auto-attach an
unrelated existing user record during login.

**What changed**
- Added an account-membership check before SAML reuses an existing user
by email.
- Kept first-time SAML user creation unchanged for valid new users.
- Added builder and request specs covering the allowed and rejected
login paths.

2026-03-13 12:22:25 +05:30

agent_builder_spec.rb

feat: setup invite to handle SAML enabled account [CW-5613] (#12439 )

2025-09-17 19:33:38 +05:30

saml_user_builder_spec.rb

fix: restrict existing user sign-in to account members (#13793 )

2026-03-13 12:22:25 +05:30