Skip to content

Fix: Correct inaccurate Email as Username prerequisite for all affected versions (Product IS issue #26241) #5703

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 25, 2025
Merged

Fix: Correct inaccurate Email as Username prerequisite for all affected versions (Product IS issue #26241) #5703

merged 3 commits into from
Nov 25, 2025

Conversation

@wso2-engineering-bot
Copy link

@wso2-engineering-bot wso2-engineering-bot commented Nov 12, 2025
edited by coderabbitai bot
Loading

This PR was automatically generated by Claude AI.

Issue Details

Summary

Corrected inaccurate documentation that incorrectly stated "Email as Username" is a mandatory prerequisite for Email Domain-Based Organization Discovery. The feature can work without it, with specific requirements for username format during user creation and different login scenarios.

Changes Made

  • Removed: Incorrect statement requiring "Email as Username" feature to be enabled
  • Added: Comprehensive Prerequisites section with two subsections:
    1. Username requirements during user creation
    2. Login experience scenarios (A and B)
  • Clarified: Username must be in email format during user creation
  • Documented: Two scenarios for login - with and without Multi-Attribute Login
  • Added: Important note about existing users with non-email usernames

Affected Versions

This single change to the shared include file affects:

  • IS 7.0.0
  • IS 7.1.0
  • IS 7.2.0

All three versions use the same include file (en/includes/guides/organization-management/organization-discovery/email-domain-based-organization-discovery.md), so one fix updates all versions.

Style Scope Verification

Microsoft Style Guidelines have been applied ONLY to newly added content without modifying existing content style unless specifically requested.

Verification

  • Documentation builds successfully: mkdocs build passed
  • Note: mkdocs build --strict fails due to pre-existing configuration warnings unrelated to this PR (verified on master branch)
  • Changes have been validated to address all requirements specified in the issue

Summary by CodeRabbit

  • Documentation
    • Updated email domain–based organization discovery guide: added prerequisites enforcing username as a valid email and requiring the email domain to match configured organization domains; clarified behavior when usernames don’t match and that creation will fail in those cases.
    • Removed the previous conditional instruction to enable email-as-username for a specific identity server.

✏️ Tip: You can customize this high-level summary in your review settings.

Fix: Correct inaccurate Email as Username prerequisite for all affect…
5474f04 
…ed versions (product-is#26241)

- Removed incorrect statement that Email as Username is mandatory
- Added comprehensive Prerequisites section with username requirements and login scenarios
- Clarified distinction between username format requirements during user creation and login experience
- Documented Scenario A (Multi-Attribute Login disabled) and Scenario B (Multi-Attribute Login enabled)
- Added important note about existing users with non-email usernames
- This single change affects all IS versions (7.0.0, 7.1.0, 7.2.0) via shared include file
@CLAassistant
Copy link

CLAassistant commented Nov 12, 2025
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ himeshsiriwardana
❌ wso2-engineering-bot

wso2-engineering-bot seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@wso2-engineering-bot wso2-engineering-bot mentioned this pull request Nov 12, 2025
Closed
@coderabbitai
Copy link

coderabbitai bot commented Nov 12, 2025
edited
Loading

Caution

Review failed

The pull request is closed.

Walkthrough

Added a Prerequisites section requiring username to be an email whose domain matches a configured discovery domain, clarified two login scenarios for email-domain-based organization discovery (Multi-Attribute Login on/off), added MFA/user-edge-case warning, and removed a prior product-specific instruction about enabling email as username.

Changes

Cohort / File(s) Summary
Organization Discovery doc
en/includes/guides/organization-management/organization-discovery/email-domain-based-organization-discovery.md		 Added a Prerequisites section specifying username must be an email and domain must match a configured discovery domain; defined two login scenarios (A: Multi‑Attribute Login OFF — use full email as username; B: Multi‑Attribute Login ON — use username plus email attribute for discovery); added MFA/user-edge-case warning; removed product-specific conditional instructing to enable email-as-username.

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant App
  participant AuthServer
  rect `#f8fbff`
    Note right of App: Organization discovery step
  end

  User->>App: Submit credentials (username or email)
  alt Multi-Attribute Login OFF
    App->>AuthServer: Use full email as username for discovery
    AuthServer-->>App: Map organization by email domain
  else Multi-Attribute Login ON
    App->>AuthServer: Send username + email attribute for discovery
    AuthServer-->>App: Map organization by email attribute domain
  end
  App->>User: Proceed with authentication (MFA if required)
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

  • Review correctness of the username/email domain requirement wording.
  • Verify the Multi‑Attribute Login scenarios and examples are accurate.
  • Confirm the MFA/user-edge-case warning sufficiently documents failure modes and recovery steps.

Possibly related PRs

Poem

🐰 I hopped through lines of docs today,

Prereqs set and pathways laid,
Domains matched and cases clear,
Discovery hops now poised to steer,
A carrot thank-you for the change! 🥕✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Description check ⚠️ Warning The description is comprehensive and addresses the issue, changes made, and affected versions. However, the required Template sections (Purpose with issue links, Related PRs, Test environment, and Security checks) are mostly absent or incomplete. Add explicit Purpose section with issue link format, Related PRs section, Test environment details, and complete the Security checks checklist to match the repository template.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and specifically describes the main change: correcting inaccurate documentation about the Email as Username prerequisite for organization discovery, directly addressing product-is issue #26241.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0fb9810 and e88e791.

📒 Files selected for processing (1)
  • en/includes/guides/organization-management/organization-discovery/email-domain-based-organization-discovery.md (1 hunks)

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Nov 12, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
en/includes/guides/organization-management/organization-discovery/email-domain-based-organization-discovery.md (1)

36-49: Login scenarios clearly differentiate behavior based on Multi-Attribute Login configuration.

Scenario A straightforwardly describes the standard flow, while Scenario B explains the enhanced flexibility and explicitly recommends it. The important note correctly addresses the experience for existing non-email username users, which is crucial for migration paths.

However, per the PR objectives, the change goal was to clarify that "Email as Username" is not a mandatory prerequisite. Consider adding an explicit statement like: "Note: This feature does not require the 'Email as Username' capability to be enabled." This would make the fix more obvious to readers who may have encountered the previous documentation.

Optional verification: Confirm that the Multi-Attribute Login link at line 46 ({{base_path}}/guides/authentication/configure-multi-attribute-login/) is accurate and current in all supported versions (IS 7.0.0, 7.1.0, 7.2.0).

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bb37e6d and 5474f04.

📒 Files selected for processing (1)
  • en/includes/guides/organization-management/organization-discovery/email-domain-based-organization-discovery.md (1 hunks)
🔇 Additional comments (2)
en/includes/guides/organization-management/organization-discovery/email-domain-based-organization-discovery.md (2)

24-49: Comprehensive Prerequisites section successfully clarifies requirements and scenarios.

The new Prerequisites section effectively communicates the key requirements for email domain-based organization discovery. The structure is logical, moving from username requirements during user creation to two distinct login scenarios based on Multi-Attribute Login configuration. The important note about existing users with non-email usernames (lines 48-49) correctly identifies a critical edge case.

28-34: Username requirements are clearly articulated with good use of examples.

The subsection correctly specifies that usernames must be in email format with domain matching, and importantly notes this is a strict requirement during user creation. The progressive detail (format requirement → domain matching → strict enforcement) follows a logical learning curve.

@himeshsiriwardana
Update en/includes/guides/organization-management/organization-discov…
0fb9810 
…ery/email-domain-based-organization-discovery.md
@himeshsiriwardana himeshsiriwardana merged commit 09a855b into master Nov 25, 2025
1 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AnuradhaSK AnuradhaSK AnuradhaSK left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@himeshsiriwardana himeshsiriwardana himeshsiriwardana approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@wso2-engineering-bot @CLAassistant @AnuradhaSK @himeshsiriwardana