Findings while testing new login

[hifabienne]

I have added the new login to my test application and went through different flows, here are some findings:

Bugs:

• [x] I have configured password and passwordless for my user, when i quit the passwordless login and press use password instead, enter the password, nothing happens afterwards
• [x] If i do not send a prompt, wouldn't it make sense to show the select account?

To implement:

• [x] Back buttons are missing, Example: There is no back button from the password login method
• [x] Register Button missing when enabled in policy
• [x] Password reset link

IDPs:

• [ ] Auto linking does not work
• [ ] When user already exists, ugly error message is shown, linking not possible

[peintnermax]

if i do not send a prompt, wouldn't it make sense to show the select account? After talking with @livio-a we decided that a direct login reflects the current behaviour of the login and makes most sense to reduce customer interactions

[livio-a]

if i do not send a prompt, wouldn't it make sense to show the select account? After talking with @livio-a we decided that a direct login reflects the current behaviour of the login and makes most sense to reduce customer interactions

For completeness: The current behavior would automatically prompt the user for an account selections as soon as multiple sessions exist and only reuse the existing as long as there's only a single session, not explicitly terminated. Both options require the client to send additional parameters in one or the other case:

• prompt=select_account to let the user chose on the new option
• login_hint / id_token_hint to preselect the user session in the current login