OAGi / Score


Linking Existing Accounts option for SSO missing developer accounts in the list #1616

Closed smorgan19 closed 4 months ago

smorgan19 commented 8 months ago

When an existing user with a developer account requests SSO, the account does not appear in the Link to existing account's list. Only non-developer accounts are showing in the list to link with an existing account.

hakjuoh commented 8 months ago

By the current design, Developer accounts are users who develop Core Components and should not be SSO users. Could you please explain in what scenarios Developer users are necessary? @kbserm

smorgan19 commented 8 months ago

We have users who develop Core Components before presenting them to OAGIs for approval or our own internal testing/needs. Additionally, we have users who have had developer accounts for years and we are unable to switch them to end user accounts/delete them as they are tied to content. Since the addition of SSO we have always had developer accounts that are linked to SSO and this is a safer security practice to use SSO than basic auth. Currently, non-SSO accounts don't have any restrictions on password types (length, character vs special character), expiration/mandatory cycling, etc., to make it a semi-safer alternative. Scalability-wise, it's not feasible to issue individual credentials for each user needing a developer account as the user base grows and adds a large maintenance burden on the admins (creating the passwords, updating them when they are forgotten, etc.).

hakjuoh commented 5 months ago

Now, the 'Link to Existing Account' dialog allows SSO users to link to both developers and end-users.
