Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Login.gov config to use biometric configuration #2158

Closed
3 tasks
abroddrick opened this issue May 9, 2024 · 1 comment · Fixed by #2181
Closed
3 tasks

Update Login.gov config to use biometric configuration #2158

abroddrick opened this issue May 9, 2024 · 1 comment · Fixed by #2181
Assignees
@zandercymatics
Labels
dev

Comments

@abroddrick
Copy link
Contributor

Issue description

Login.gov is doing their biometric beta program and we want to participate. For new users, they should go through this new identity verification program, but old users should go through

Acceptance criteria

  • "All New Users Require Biometric Flow" configurations changes are made to our oidc setup, thus requiring new users to go through the biometric flow and previous users to go through current idv options
  • update unit tests
  • remove step_up_acr_value (and any references)

Additional context

slack thread for reference

See the documentation for Biometric configuration and specifically page 4 where it mentions "All New Users Require Biometric Flow"

Notes for dev:
settings.py sets the OIDC_PROVIDERS values which is what controls our login.gov config for both identity sandbox and production. By looking at the documentation it looks like we can leave our ial1 logic alone and then update our logic for step logic. For ial2 we will remove the step up acr value which is no longer needed per their documentation and add vtr and vtm verification.

settings fields
image

ial2 setup where acr values need to change
image

Links to other issues

No response
@abroddrick abroddrick added the dev label May 9, 2024
@vickyszuchin
Copy link

This ticket was added to sprint 45 on Day 4. Product deemed it a priority ticket. The agreed compromise is to move the WHOIS ticket (cisagov/get.gov#267) to a later sprint.

@h-m-f-t h-m-f-t changed the title Update Login.gov config to use Biometric configuration Update Login.gov config to use biometric configuration May 14, 2024
@zandercymatics zandercymatics self-assigned this May 15, 2024
@zandercymatics zandercymatics mentioned this issue May 16, 2024
Merged
46 tasks
zandercymatics added a commit that referenced this issue May 23, 2024
@zandercymatics
Merge pull request #2181 from cisagov/za/2158-use-biometric-config
3327fe2 
(On getgov-za) Ticket #2158: Use biometric auth instead of IAL2
zandercymatics added a commit that referenced this issue May 24, 2024
@zandercymatics
Revert "Ticket #2158: Use biometric auth instead of IAL2"
84e1361
@zandercymatics zandercymatics mentioned this issue May 24, 2024
Merged
zandercymatics added a commit that referenced this issue May 24, 2024
@zandercymatics
Merge pull request #2221 from cisagov/za/revert-2158-biometric-changes
f35850c 
On getgov-za Revert "Ticket #2158: Use biometric auth instead of IAL2"
zandercymatics added a commit that referenced this issue May 24, 2024
@zandercymatics
Revert "On getgov-za Revert "Ticket #2158: Use biometric auth instead…
4df56a5 
… of IAL2""
@zandercymatics zandercymatics mentioned this issue May 24, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zandercymatics zandercymatics

Labels
dev
Projects
.gov Product Board
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Ticket #2158: Use biometric auth instead of IAL2 cisagov/manage.get.gov
3 participants
@abroddrick @zandercymatics @vickyszuchin