Affects Version/s: 7.3.X, Master
Component/s: Application Security > SAML
- Setup SP & IDP portal instances and connect them as usual
- On the IDP, create a new user email@example.com
- On the SP navigate to Control Panel > Configuration > Instance Settings
- Click User Authorization
- Checked "Allow strangers to create accounts?" and uncheck "Allow strangers to create accounts with a company email address?". Save.
- Navigate to SAML Admin and edit the IDP Connection. Check "Unknown Users Are Strangers". Save
- Logout of the SP
- Complete a SP initiated SSO via the "Sign in" link, using the firstname.lastname@example.org user created in step 2
Expected result: Toast appears stating that "email domain is reserved"
Actual result: Toast appears stating that "email address is incomplete or invalid"