Technical Advisory 10000

Description

Currently, by default, users are directed to the "Select Account Page" on the ZITADEL login. However, this can be modified by including a prompt or a login hint in the authentication request.

As a result of this default behavior, users who already have an active session in one application and wish to log in to a second one will need to select their user account, even if no other session is active.

To address this, we are going to change this behavior so that users will be automatically authenticated when logging into a second application, as long as they only have one active session.

Statement

This behaviour change is tracked in the following issue: Reuse current session if no prompt is selected As soon as the release version is published, we will include the version here.

Mitigation

If you want to prompt users to always select their account on purpose, please make sure to include the select_account prompt in your authentication request.

Impact

Once this update has been released and deployed, your users will be automatically authenticated No action will be required on your part if this is the intended behavior.

Description​

Statement​

Mitigation​

Impact​

Description

Statement

Mitigation

Impact