User With Revoked Channel Access Can Log in Using Alternative Login (Doc ID 2725295.1)

Last updated on JUNE 16, 2021

Applies to:

Oracle Banking Digital Experience - Version 19.2.0.0.0 and later
Information in this document applies to any platform.

Symptoms

ACTUAL BEHAVIOR
---------------
User with Revoked Channel access can log in using Alternative login

EXPECTED BEHAVIOR
-----------------------
User should not be allowed to log in from any device or any method when the channel access of user is revoked.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
Simulation steps:
1.) Enable alternative login for a user.
2.) Log in using alternative login. (successful).
3.) Login with Admin
4.) Revoke channel access for the user with alternative login.
5.) Use mobile App.
6.) Use alternative login to login from app.
7.) User is able to login (unexpected behavior).

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

User With Revoked Channel Access Can Log in Using Alternative Login (Doc ID 2725295.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!