iachat/spec/enterprise/controllers/enterprise
Shivam Mishra 550b408656
fix: restrict existing user sign-in to account members (#13793)
SAML sign-in now only links an existing user when that user already
belongs to the account that initiated SSO. New users can still be
created for SAML-enabled accounts, and invited members can continue to
sign in through their IdP, but SAML will no longer auto-attach an
unrelated existing user record during login.

**What changed**
- Added an account-membership check before SAML reuses an existing user
by email.
- Kept first-time SAML user creation unchanged for valid new users.
- Added builder and request specs covering the allowed and rejected
login paths.
2026-03-13 12:22:25 +05:30
..
api feat(help-center): enable drag-and-drop category reordering (#13706) 2026-03-05 12:53:38 +05:30
devise_overrides fix: restrict existing user sign-in to account members (#13793) 2026-03-13 12:22:25 +05:30
public/api/v1/portals feat: Use embeddings in help center search (#9227) 2024-04-15 16:35:23 -07:00
webooks fix: Added authentication to FireCrawl API, remove unused RobinAI references (#10737) 2025-01-22 18:14:25 -08:00