New Joomler profile from IDP not always created correctly

[sanderpotjer]

Data before user? User stored under user_id = 0 in volunteers table, therefore seeing "provide consent" issue.

[sanderpotjer]

@roland-d I looked into this one, and it looks like that for the accounts that are missing a "volunteer" we never received a ping from the identity portal with the payload of the profile.

Is it possible that we don't add an entry for the user in the #__identity_messagequeue to update the profile data on a connected site if a user logins via SSO? Can we make sure that if someone is logging in via JVP we always make sure that the profile data is send as well?

[dryabov]

Probably related: I've registered on IDP yesterday, and JVP required my consent (though it was approved on IDP right after the registration). But I've just found a workaround: to withdraw my consent and re-approve it again.

[sanderpotjer]

@dryabov yes, that sounds related and indeed a work-around as consents are pushed again with that action.

[roland-d]

@sanderpotjer

Is it possible that we don't add an entry for the user in the #__identity_messagequeue to update the profile data on a connected site if a user logins via SSO?

Isn't this exactly what we want? This should create the data on the JVP site or am I missing something?

Is the information transferred too late to the JVP?

Can we make sure that if someone is logging in via JVP we always make sure that the profile data is send as well?

That is an option but also quite a change/hack on the SSO extension.

[sanderpotjer]

As discussed:

• directly after account creation on IDP, via client site like JVP, we directly ping the client site with the user data
• during this process we show a "Your account is being created" with a loading icon for about 5 seconds - in this timeframe the JVP account should be ready
• we continue the redirect back to the JVP on which the account is available meanwhile