Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RFW0012] User Sign in and Recovery #13

Open
ProfilaMitchell opened this issue Aug 17, 2022 · 0 comments
Open

[RFW0012] User Sign in and Recovery #13

ProfilaMitchell opened this issue Aug 17, 2022 · 0 comments
Labels
TOPIC: Identity Identity feature

Comments

@ProfilaMitchell
Copy link
Collaborator

ProfilaMitchell commented Aug 17, 2022
edited
Loading

Table of Contents

Housekeeping

Make sure to clearly understand Type-A and Type-B requests, and the relevant limitations. Failing to follow the guidelines pertaining to the two acceptable types of RFWs will automatically lead to disqualification of the RFW.

Take time to complete each section below with as much detail as is required to establish a comprehensive understanding about the underlying product specification.

ALL BELOW FIELDS ARE REQUIRED

The Problem

We do not currently have a way for users to sign into the Profila platform on web

User Story

As a Profila user I want to sign into the platform so that I can use it

  • High Business severity - Users need to be able to sign into the platform, a fault in this process has severe implications
  • High Priority - Users need to be able to sign into the platform

Request Type A/B

Type-B

Owner

Mitchell Goudie

Summary

The UI and flow of the user sign-in process is being developed for web

Is This Really Necessary?

It is necessary to have a sign-in process in order to have users use the platform.

Motivation

We need to implement a sign in process so that users can sign in to the platform

Named Concepts

Examples, Risks & Assumptions

  1. Explain concretely what will manifest as a result of this RFW.
  • Profila users will be able to sign into the Profila platform using an email or phone number associated with their account
  • Profila users will receive a MagicLink once utilising their phone number to login if using a mobile device
  • Profila users will receive a 4 digit code via sms once utilising their phone number to login if using a desktop device
  • Profila users will receive a MagicLink once utilising their email to login regardless of device
  • Profila users will not need to recover their Profila account as they have access to their phone and/or email. Recovering access to either of these login devices falls to another party as responsibility.
  1. Explain how is it different from what is already manifesting i.e. what we already have?

There is currently no way for users to sign into the Profila platform on web

  1. Explain what Profila users/brands will experience as a result of this RFW. How will they feel as a result of it? How will they benefit as a result of it?
  • Profila users will be able to sign into the platform on web. They will feel at ease knowing that they don't have to use a password in order to use the platform
  1. If applicable, provide sample messages for any new messages the system will display as a result of this RFW.

All sample messages are provided in the Conceptual Design section of this RFW.

  1. Define what is out of scope in this request.

Registration for the platform is out of scope of this request

  1. What are the data protection, privacy and security assumptions made for this request (example, should this be GDPR, HIPPA (healthcare), NIST compliant etc. - Speak to Michiel or Ipek!)

NIST identity control

  1. Explain how this user story will be supported (i.e customer support - if the user story fails technically, how will the user be supported).

As access is permitted through a link either via email or sms, or via a code sent via sms, if the user cannot sign in due to lack of access to either of these tools, they will have to regain access via the appropriate external channel.

  1. Explain how this user story impacts revenue or billing (if applicable).

N/A

  1. State any additional risks identified as a result of this user story.

The risk exists that users lose access to either the phone number or email used to sign up to Profila. This poses as a risk as Profila cannot aid the user in recovering their respective phone number or email address

Success Metrics

Users can sign into the Profila platform on web

Conceptual Design

The conceptual design of the registration process, including all fields necessary and elements of text for the user, are included in the 'Log in' section of the Figma board below.

https://www.figma.com/file/Dd5uhOzEbxJ7euR7Hn6Jzf/Profila-Website-(Individuals)?node-id=0%3A1
Pass: Profila2022

Drawbacks

Alternatives

There exists the possibility of allowing users to log in using a password along with their associated email/phone. However, this additional possibility encumbers the registration process as well as the sign in methods. This also places more weight on Profila in providing user support in the event of a forgotten password.

New Data

Business release date

The Profila sign in and recovery process is requested by the start of Q4/October 2022.
@ProfilaMitchell ProfilaMitchell added the TOPIC: Identity Identity feature label Aug 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
TOPIC: Identity Identity feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ProfilaMitchell