Submitted on behalf of Fellowship Bible Church of Northwest Arkansas
In using the Rock Mobile App, people with a profile protection level of high or extreme (such as church staff) cannot log in to the app using Phone Number or Email. They receive a message "It appears you have an account in our system that has security access which requires you to login with a username and password." However, they use Office 365 logins for Rock, so they do not have database logins that can be used on the app, and the app has no way to change the password if a new login is created (which is not secure).
Even if the profile protection is lowered on staff security groups, the job sets them to High if they have scheduled giving or stored payment methods.
Can reproduce in
[ ] Orange App
[ ] Blue App
Steps to Reproduce
Create a person in the Rock DB with an Extreme Profile Protection level and a mobile phone and email.
Load the app on the phone with the entered number.
Try to log in using phone or email.
"It appears you have an account in our system that has security access which requires you to login with a username and password." is displayed.
Expected Behavior
I would expect phone/email code authentication to be able to be used on the app even with profile protection in place. This seems as close to MFA as is available at present and more secure than having separate logins just for the Mobile App (separate from Office 365 used for Rock).
Actual Behavior
Phone and email based authentication is not available to staff members.
Screenshots or Videos
Reproduction XAML
No response
Mobile Shell Version
1.4.0.8
Last Known Working Version
Prior to v13.6 Rock Server Upgrade
iOS Device Type(s) and iOS Version(s)
iPhone 12
Android Device Type(s) and Android Version(s)
N/A