Updated window for Drupal.org login flow deployment

https://www.drupal.org/drupalorg/blog/updated-window-for-drupalorg-login-flow-d…

Created

Wed, 07/08/2024 - 10:37

Updated

Wed, 07/08/2024 - 10:37

Update: We have completed our deployment window with Drupal.org's new login flow successfully enabled.

Please contact help@drupal.org if you encounter any issues that can be resolved with the information below.

The Drupal Association engineering team is preparing to switch over to our new single sign-on solution for user login. This is an important step in our work to upgrade Drupal.org, and in the future will give you the ability to use your Drupal.org identity in new ways.

This switchover was previously scheduled for Thursday, 25 July, but unfortunately we had to roll-back that attempt. After pausing for a week to avoid disrupting the Drupal 11 release window, we are ready to try again.

The switch-over is scheduled for:

Thursday 8 August - from 9am to 1pm Pacific (16:00-20:00 UTC).

During this window you will not be able to update your Drupal.org profile, and during portions of this window you may not be able to login to Drupal.org, and may not be able to access related services which use your Drupal identity, such as git.drupalcode.org.

Below you'll find the details from our original blog post about how the login experience will look different:

A note on user names

By design, Keycloak only supports lower-case usernames. Drupal.org usernames have not been case sensitive for quite a few years, so you will see your username converted to lower case.

If you are an existing user who is already logged in

If you have a session from logging into Drupal.org that was established before the new login flow was deployed, the first time you log out you may be redirected to a page with this message below. In this case, navigating back to Drupal.org will let you login properly, and you will be prompted for the mandatory password reset that is part of this transition.

An error message you might receive when logging out from a session created before the loging was deployed

If you are an existing user who is not logged in

When you click to login or create an account you will be redirected to: accounts.drupal.org

New login page with fields for username or email and password, or a link to sign up. Includes updated Drupal branding at the top and the thank to our provider cloud-iam at the bottom

You will log in with your existing Drupal.org username or email and your current password, and your two factor authentication code if you have TFA enabled.

The Two Factor Authentication UI

Once you log in, you will have to change your password.

~~If you have Two Factor Authentication enabled, you will also have to set up a new seed.~~

~~After that, you'll be taken back to Drupal.org as normal. You should be directed back to the path you came from.~~

A reset of your TFA seed is no longer required!

If you are creating a new account

When you click 'create account' on Drupal.org you will be taken to the new account creation page:

New account registration page with fields for username, email and password, and optional first and last name. The rest of your profile will be completed on Drupal.org. Includes updated Drupal branding at the top and the thank to our provider cloud-iam at the bottom

After you complete the basic information, you will be taken to the Drupal.org welcome page to fill out the rest of your user profile.

Drupal.org welcome page - where you complete your profile information

If you need to change your account information

The majority of your account information will continue to live in your Drupal.org profile, however, some basic account information will now be stored and updated in the Drupal.org SSO system.

When you click to edit your first and last name, username, password, email address, or enable two factor authentication you'll be taken to the account page:

When you click to edit your first and last name, username, password, email address, or enable two factor authentication you'll be taken to the account page

The account console has options for updating email, password, first and last name, and two factor settings.

Setting up Two Factor Authentication

This account settings page is also where you can change your Two Factor Authentication settings. You can use the 'Account Security' tab in the sidebar to navigate to the Two Factor setup process:

Setup process for two-factor-authentication

If you need to reset your password

If you have forgotten your password, you can reset your password from the login page:

The new forgot password page with a field for your email address to receive a reset email. Includes updated Drupal branding at the top and the thank to our provider cloud-iam at the bottom

You will receive a password reset email from noreply@drupal.org allowing you to change your password.

If you encounter any issues with your account, please contact us at help@drupal.org

We want to thank two of our partners for supporting this project.

Cloud-IAM is our SSO partner. Cloud-IAM is a privacy centric provider of hosted solutions for Keycloak, an open source identity management service. They are enthusiastic supporters of the Drupal community, and would like to offer any site owners and agencies who are looking for their own identity and access management service 10% off, with promo code: DRUPAL10.

Our implementation partner on this project was Tag1Consulting. Tag1Consulting is a global team of Drupal experts working with clients from non-profits to the Fortune 500, and is one of the top contributors to Drupal. They have been the Drupal Association's infrastructure partner for many years.