turns out since 6.26.2 admins can only log in with email mapping, which is not possible as not all oauth providers use emails, downgraded to 6.26.1 and disabled updates. to fix it.
is there a way to bypass the email mapping for admins?
This reply was modified 1 year, 5 months ago by nullx8.
Starting from version 6.26.2, we have made it mandatory to verify the admin email for users performing SSO. This change was introduced to address the potential risk if the admin username is exposed. By enforcing email verification, we aim to enhance security for admin accounts.
We understand that some OAuth providers do not provide an email address. In such cases, we recommend avoiding SSO for admin users to prevent any security risks. To offer more flexibility, we will be adding an optional check for admin email verification in the upcoming plugin release.
Could you please share your OAuth provider with us? If the provider supports any special permissions or scopes to fetch the email, we can explore and verify it for you.
Let us know if you have any further questions or need assistance.
We are using Keycloak and ran into this issue. We never touched the email scope configuration. I can say that WordPress doesn’t list the email address in the users table, and manually adding the email address on the WordPress site didn’t help fixing this issue.
Could you please confirm the current scope you are using? Typically, the OpenID scope itself provides the user’s email.
<span style=”box-sizing: border-box; margin: 0px; padding: 0px;”>If you are using this scope and still unable to fetch the user information, I recommend contacting us via our support email. We can then schedule a meeting to review your Keycloak configuration and assist y</span>ou further.
Let me know if you have any questions or concerns.
Thanks,
Ishika
Viewing 4 replies - 1 through 4 (of 4 total)
The topic ‘WPO005 after update’ is closed to new replies.
