EPIC Goal

Convert SignInWithCatalogUserOptional to an optional setting, defaulting to off, to enhance security and user management in RHDH.

Background/Feature Origin

• Current SignInWithCatalogUserOptional setting allows users to log in without a catalog user entity
• This default behavior may pose security risks in some environments

Why is this important?

• Improves security by ensuring users have proper catalog entries by default
• Provides flexibility for admins to enable the option when needed

User Scenarios

• As an admin, I want to ensure all logged-in users have corresponding catalog entries
• As an admin, I want the option to allow users to log in without catalog entries in specific scenarios

Dependencies (internal and external)

• Existing authentication system in RHDH
• User management components in the catalog

Acceptance Criteria

• Change SignInWithCatalogUserOptional to be an optional setting
• Set the default value of SignInWithCatalogUserOptional to 'off'
• Implement configuration option for admins to enable SignInWithCatalogUserOptional
• Ensure backward compatibility for existing setups
• Update documentation to reflect the changes in SignInWithCatalogUserOptional behavior
• Develop test cases for both enabled and disabled states of SignInWithCatalogUserOptional
• Verify that disabling SignInWithCatalogUserOptional prevents logins for users without catalog entries

Release Enablement/Demo - Provide necessary release enablement details and documents
DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
DEV - Downstream build attached to advisory: <link to errata>
QE - Test plans in Playwright: <link or reference to playwright>
QE - Automated tests merged: <link or reference to automated tests>
DOC - Downstream documentation merged: <link to meaningful PR>