Prevent Federated Users to gain access to other Projects
We have set Federated authication and RoleMapping to project. This roleMapping gives Project Owner Rights to a particular project. Project Owner have the right to invite other people into their project.
Role mapping is only applied when a user logs in. However, if the user receives an invitation to a project when logged in (to say Project ***) and accepts an invitation (to say Project YYY, for which they should not have any access), they will receive the Atlas role in that project (Project YYY) designated by the invitation, allowing them to perform any actions provisioned by that role.
Could you prevent such a scenario to happen ? By
- Federation Settings OR adding possibility to create Custom Atlas Roles ( in this case we would just remove invitation right to the ProjectOwner Role )
Hello, thanks for posting this. Depending on how you have configured federation this can be prevented. Can you please submit a support ticket so we can assist you?