General Feedback
How should we improve our feedback and product management tools?
We are listening and use this feedback to prioritize our roadmap!
37 results found
-
Configure SAML Attribute Mapping Typically, IDP is expected to map the SAML attributes as SSO claims - offer an option to configure attribute/claim mapping on the UserVoice side.
1 vote -
Allow logout screen to be editable We need to be able to edit the message people get when they log out with a closed site. I need to be able to link them to where they can log in versus just telling them they have to log in.
2 votes -
Designate GUID a the primary identifier over email address In cases where the user information passed in SSO matches the GUID of one user, but the email address of another user, we will match based on the email address and update the GUID.
In certain situations, the GUID data is "cleaner", more unique and it makes more sense to match primarily based on the GUID as to be certain which user will be signed-in and any new data passed with SSO will update that user.
1 vote -
UserVoice to provide DMARC support for custom domains. UserVoice to provide DMARC support for custom domains.
3 votes -
Allow customization of the size of the SSO icon To bring attention to it, so that admin users are aware of it's existence when they try to sign-in from the /admin URL.
2 votes -
Have one log in for linked accounts When a company has more than one instance of UserVoice to manage, there is a need to have one log in, instead of having to manage multiple passwords for each instance.
6 votes -
Add support for encrypted SAML assertions The SAML metadata provided by UserVoice does not include a public key. So, SAML assertions sent by an IdP are not encrypted (though they may be signed).
Although SAML assertions are delivered to UserVoice over TLS, having them be encrypted prevents the browser (and anything bad running on the browser) from reading the assertion. Also, using encrypted assertions can help to block other problems; for example, see https://shibboleth.net/community/advisories/secadv_20180227.txt for an instance of a security bug that mainly affected unencrypted assertions.
My request is for UserVoice to generate a key pair for its SP, and include that in the SAML metadata,…
1 vote -
Ability to use the same SSO config across multiple UserVoice instances We have multiple instances with UserVoice, and with each one we have to go through the process of configuring SSO. It would be great if it was possible to configure once, and then copy that across each instance so that each one doesn't have to go through our Dev and Stage testing each time.
2 votes -
Increase password length Password length is more secure than special chars. I work with a password manager and use 19 chars length passwords - only letters. See image
1 vote -
Make OpenID Connect support V2 of Azure Active Directory While UserVoice has support for OpenID Connect, this does not work with V2 of Azure Active Directory. This is problem for non microsoft businesses and MSFT consumer domains that want to use our OpenID Connect feature with Azure Active Directory.
3 votes -
Import Domains for a private forums When authorizing domains for a private forum, you must add them one by one in the settings. It would be ideal if admins could import a list of email domains. This is important for an account that needs to import multiple domains for a single private forum.
6 votes -
Add support for SAML single logout When a user logs out of UserVoice, log them out of the identity provider as well.
4 votes -
Two factor authentication Add a feature that allows admins to require two factor authentication
15 votes -
Pass through SAML authentication If a user is already logged in with a customer's identity provider, pass through that authentication to UserVoice.
This is especially important if an account is using SAML and UserVoice authentication together. If that is the case, then end users who log in with SAML, have to click the icon to get logged in.
Ideally, the user would be automatically authenticated if they had already logged in with the customer's identity provider.
1 voteHi Everyone,
We have reviewed this idea, and it’s not something we plan to implement. Even though we are deferring this idea for now, it is still open to votes and comments. We do want to hear your opinion. Thank you for the feedback, and please, keep sharing!
-
1 vote
Hi Everyone,
We have reviewed this idea, and it’s not something we plan to implement. Even though we are deferring this idea for now, it is still open to votes and comments. We do want to hear your opinion. Thank you for the feedback, and please, keep sharing!
-
Restrict access to admin sign-in by IP address subdomain.uservoice.com/admin should be able to be restricted to specific IP addresses
1 voteHi Everyone,
We have reviewed this idea, and it’s not something we plan to implement. Even though we are deferring this idea for now, it is still open to votes and comments. We do want to hear your opinion. Thank you for the feedback, and please, keep sharing!
-
Be able to search SSO Logs - You need to troubleshoot an SSO issue and find a token for a specific user
- You have to scroll through every single page of SSO logs to find the one you want.
- This is time consuming for admins when troubleshooting an issue, and we spend a lot of time scrolling through logs to find the data we need.
- Need to be able to search the logs by email address, username and if possible, GUIDs as well.
3 votes
- Don't see your idea?