Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add identity disable properties to identity create #2420

Open
Russell-Allen opened this issue Sep 19, 2024 · 0 comments
Open

Add identity disable properties to identity create #2420

Russell-Allen opened this issue Sep 19, 2024 · 0 comments
Assignees
@andrewpmartinez
Labels
enhancement New feature or request

Comments

@Russell-Allen
Copy link

An identity can be disabled using the identity disable endpoint, but an identity can't be created in an initially disabled state. This forces clients that want to setup a disabled identity to first create it enabled and then disable it in a second request. If there's any issue between the create and disable request, its possible that the identity is left enabled, which may be a violation of the client's security policies.

This use case (creation of disabled identities) exists in provisioning integrations, like SCIM, which are responsible for provisioning identities in ziti based on some other system, typically an IdP. Many IdPs support the notion of users being active or not. SCIM as a protocol has a disabled property on the user.
@andrewpmartinez andrewpmartinez self-assigned this Sep 19, 2024
@andrewpmartinez andrewpmartinez added the enhancement New feature or request label Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewpmartinez andrewpmartinez

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@andrewpmartinez @Russell-Allen