Idea ID: 2789946

Make access to the New User Creation configurable

Status : Waiting for Votes
Waiting for Votes
See status update history
over 4 years ago
I have with a number of colleagues discussed the possibility to limit the access to creating new users to a selectable group just like the Helpdesk function and preserve the option of being able to access the form for non-authenticated people.

A lot of companies dislike the idea of self-registration, but would like to limit the creation of new users to a selectable group due to security reasons.

If the New User Form access is limited in the same way as the Helpdesk function with an option of being able to access the form for non-authenticated people, both self-registration and authenticated new user create would be possible.

Labels:

Configuration
  • I have heard one customer here asking for the same functionality. This customer has no IDM and it would be great if SSPR could handle that.
  • The intention is not to make a mini-IDM tool but to react on customers needs. After posting the idea, I have had 2 customer request for the same functionality. Moderniseringsstyrelsen are requesting a NAM solution including Self Service Password Reset with self registration for a number of organisations. Each organistation will have appointed a helpdesk function that on-behalf of the organisation should create new users and manage any profile updates. This should not be public available. The users should be able to hanlde password resets by themselves. NetCompany are requesting an SSPR solution for an external web-sites with AD as user store. They too would need self registration and profile updates limited to helpdesk. Neither of those need a mini-IDM only to have features already in the SSPR product to be limited to HelpDesk. It doesn't seem to be a big change, but it would be very valuable for 2 current opportunitites.
  • This is under review. It seems to me that the functionality you are describing is an Identity Manager feature - not an SSPR. If I understand correctly, you would like SSPR to become an account creation tool for Help Desk (or other defined group). The intent of SSPR account claiming and registration is not to make SSPR a mini-IDM tool. These features are mainly to support B2x scenarios. Troy
  • Great! Just like you can enable public access for People Search, you want to enforce authentication for the New User module.