Open k-der opened 1 year ago
Hi, this this standard practice in all SSO systems. We are allowing the user to approve data being transferred from one platform to another SMDH SSO -> SMDH AEP. This is something that should not be changed as giving the user visibility and control of their data movements is a key aspect of SMDH.
I think for certain in-house / trusted services, we can look at granting access by default. However, this is going to require more customisation of the Keycloak server which is something we can do, but want to keep to a minimum if poss. I suggest we submit a feature request on official Keycloak repo to support a configurable set of pre-approved services, and pop this on the 'should' roadmap, its not on the critical path though.
On clicking the asset explorer after activating a new account the user is presented with the following message
As asset explorer is an option available to all SSO users it should be enabled by default.