cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Occasional Advisor

Terms of Service *with* SSO/SAML2 implementation

While the admin dashboard allows you to define requirement for Terms of Service acknowledgement in System->Registration->"Require users to accept the Terms of Service", it also notes that this is not required if SSO is implemented.

 

We have SSO enabled, but are still looking to leverage the Terms of Service within Lithium - should this work by design?  I tested this with a new user registering via SSO, but they were not presented with the ToS.  Is this a bug, or a designed intent?

 

Thanks

 

Jamie

5 Replies 5
Advisor

I'm fairly certain that this TOS functionality as built in to Community by default will pertain to the Lithium account sign up process, which you are circumventing by implementing an SSO provider - therefore users aren't going to see it with your implementation.

If you want your users to agree to another set of T&C's, one solution is to post them on the Community and place them in a prominent location, so users are made aware that this is part and parcel of being a community member. Another idea is to email T&C's link along with other helpful information to users on signup, so they get the lay of the land.

Hope that's helpful!

If you've found one of my posts helpful, why not give it kudos?!

And be sure to Accept as a solution if a post has answered your question.
Highlighted
Occasional Advisor

Thanks for the input, certainly appreciated! I was hoping to have a
first-auth presentation of ToS on the Lithium side of the handshake, but it
sounds like that's a no-go. Very unfortunate, but our community may be a
corner case.

Thanks,

Jamie
Highlighted

As another thought, if you've built out a custom sign on process I don't see why you couldn't build in Lithium's T&C's at some part of the process. Just a hyperlink out to the content would do the job!

If you've found one of my posts helpful, why not give it kudos?!

And be sure to Accept as a solution if a post has answered your question.
Highlighted
Khoros Alumni (Retired)

Alternatively you could add a custom component to the UserSsoRegistrationPage page layout. That's the page shown after returning from the SSO login call where new members are asked to complete their profile by picking a community name. In this component you could expose the page.user_signup.terms_of_service text string next to a checkbox which would enable the form submission button when checked.

 

Out of curiosity: What creates the requirement to agree to additional ToS on top of the one already signed on SSO account creation? Most of our customers reviewed their account terms and conditions and found that the sections on content ownership and allowed use covered community scenarios as well.


Khoros Best Practice until August 2019. Onwards posting as Claudius.
Learn how to master Khoros. Learn Best Practice in the Community Documentation
If you appreciate my efforts, please give me a kudo ↓
Accept as solution to help others find it faster.
Highlighted
Occasional Advisor

Thanks!  This might just be my Plan B.  The reasoning for differentiation is strategic - I can expound a bit more once launch is complete, but there's definitely a sound set of reasons why we want/need to have the separation; I'm all for the umbrella/hierarchical approach where it can inherit appropriately, and it would definitely make things simpler if that was the case. 🙂