3.24. Email ID and Role Validation¶
DigitMarket™ API Manager has pre-defined user roles for LDAP Publisher users, namely: Admin user, Business user, Technical user and Approver. For more information on user roles, refer to this topic: User Roles and Access.
For LDAP Publisher users, both Email IDs and their user roles are required to be validated during authentication. If the “Fetch Role from LDAP” plugin is enabled and the value for Role fetched from LDAP matches with any one of the following: Admin, Approver, Technical or Business, the user is created and the fetched role assigned.
However, the application does not allow two or more users with the same user role, and having the same Email ID, to be created. Since both Email IDs and user roles are validated during authentication, application will not accept LDAP users who have the same Email IDs and user roles. If these LDAP user details are required to be added to the database, then each user will have to change either their user role, or their Email ID to be accepted by the application. This authentication is to ensure that no two Email ID and user role combination is the same. This is a tedious process and may inconvenience the users.
To remedy this, the Email ID for LDAP users with the same Email ID and user roles is fetched from the property file. The property file has an Email ID constant that acts as the default Email ID. This default Email ID is universal and will always be accepted by the system. The original Email IDs of the LDAP users will be replaced by the Email ID constant from the property file. This will ensure that that two or more LDAP users with same Email ID and user role combination can be added to the database.
Note
Email ID and role validation feature is available for Publisher users who are added from LDAP. This feature is not applicable for native users.