WHAT & WHEN

HCC has adopted the preferred method for identifying internal users based on the identity provider claims ("idp": "auth.*redhat.com"). 

The current fallback check using the JWT "is_internal" will be deprecated on September 30, 2023.  

• Visit the HCC QE Confluence page (VPN required) to verify whether your internal users are federated with one of the Red Hat accounts.

• If your user isn't, you can continue through the instructions to take the necessary steps to connect your internal users to a federated account.

After September 30, 2023, the only method for identifying users will be based on checking the identity provider claims ("idp": "auth.*redhat.com"). 

• This provides teams three months to make the necessary changes to their services and update any internal user accounts that must be federated in preparation for the switch.

WHO

• This will require changes from tenants currently verifying the user accounts' internal status by checking the JWT for "is_internal"
• Anyone with a user account that needs to be considered "Internal" but is not yet federated with the IT LDAP Service Account.

ADDITIONAL INFORMATION

Please review the following post for details of the change, requirements, background information, and references: HCC QE Confluence Page (VPN required).

Please contact #forum-consoledot-accessmanagement with any questions. 

ConsoleDot Actions Required & Releases Source page is here.