General Feedback
How should we improve our feedback and product management tools?
We are listening and use this feedback to prioritize our roadmap!
35 results found
-
Direct licensed users to appropriate landing page When Admins sign in, direct them to the Admin Console. When Contributors sign in, direct them to the Contributor Console. Web Portal for everyone else.
1 vote -
1 vote
-
Update JWT SSO Permissions JWT SSO allows you to pass admin: accept to promote a user to Admin license; however, there's more granular permission to the Admin license in the User Management in the UI.
Please surface these options so they can be passed in the JWT SSO.
1 vote -
Remember user's preferred authentication methods If they sign-in with email address, present that option. If they sign-in with SSO, automatically log them in.
1 vote -
Extend Magic Link expiration time Currently, Magic link authentication expires after 10 minutes.
1 vote -
Support IDN e-mail addresses IDN domains are not invalid, allow them to be used for your services.
1 vote -
SSO Tenant Buttons are really small The SSO tenant buttons are so tiny that when you have email auth enabled, and SSO, you barely know that SSO is even an option.
It would be great to be able to specify your primary sign in option, and this one appears first. At the least, if you have email and one SSO tenant, can the SSO button have specified text and be 100% width of the component.
1 vote -
1 vote
-
Configure SAML Attribute Mapping Typically, IDP is expected to map the SAML attributes as SSO claims - offer an option to configure attribute/claim mapping on the UserVoice side.
1 vote -
Designate GUID a the primary identifier over email address In cases where the user information passed in SSO matches the GUID of one user, but the email address of another user, we will match based on the email address and update the GUID.
In certain situations, the GUID data is "cleaner", more unique and it makes more sense to match primarily based on the GUID as to be certain which user will be signed-in and any new data passed with SSO will update that user.
1 vote -
Add support for encrypted SAML assertions The SAML metadata provided by UserVoice does not include a public key. So, SAML assertions sent by an IdP are not encrypted (though they may be signed).
Although SAML assertions are delivered to UserVoice over TLS, having them be encrypted prevents the browser (and anything bad running on the browser) from reading the assertion. Also, using encrypted assertions can help to block other problems; for example, see https://shibboleth.net/community/advisories/secadv_20180227.txt for an instance of a security bug that mainly affected unencrypted assertions.
My request is for UserVoice to generate a key pair for its SP, and include that in the SAML metadata,…
1 vote -
Increase password length Password length is more secure than special chars. I work with a password manager and use 19 chars length passwords - only letters. See image
1 vote -
1 vote
Hi Everyone,
We have reviewed this idea, and it’s not something we plan to implement. Even though we are deferring this idea for now, it is still open to votes and comments. We do want to hear your opinion. Thank you for the feedback, and please, keep sharing!
-
Restrict access to admin sign-in by IP address subdomain.uservoice.com/admin should be able to be restricted to specific IP addresses
1 voteHi Everyone,
We have reviewed this idea, and it’s not something we plan to implement. Even though we are deferring this idea for now, it is still open to votes and comments. We do want to hear your opinion. Thank you for the feedback, and please, keep sharing!
-
Pass through SAML authentication If a user is already logged in with a customer's identity provider, pass through that authentication to UserVoice.
This is especially important if an account is using SAML and UserVoice authentication together. If that is the case, then end users who log in with SAML, have to click the icon to get logged in.
Ideally, the user would be automatically authenticated if they had already logged in with the customer's identity provider.
1 voteHi Everyone,
We have reviewed this idea, and it’s not something we plan to implement. Even though we are deferring this idea for now, it is still open to votes and comments. We do want to hear your opinion. Thank you for the feedback, and please, keep sharing!
- Don't see your idea?