IAM/Frequently asked questions: Difference between revisions

IAM/Frequently asked questions (view source)

Revision as of 13:03, 17 October 2018

481 bytes added , 17 October 2018

Updated FAQ to include info on FXA

Viorelaioia

163

edits

@@ Line 13: / Line 13: @@
 ==== '''Q''': ''How do I login with Mozilla IAM?'' ====
-Mozilla IAM supports various login methods, such as "LDAP" (Staff logins), GitHub social login, Google social login and email login (which we call "passwordless").
+Mozilla IAM supports various login methods, such as "LDAP" (Staff logins), Firefox Accounts login, GitHub social login, Google social login and email login (which we call "passwordless").
 Certain methods support and enforce the use of two-factor authentication (2FA) and may grant access to more sensitive services.
-==== '''Q''': ''Why is my login failing with an error message telling me to use "GitHub/Google/LDAP/etc" instead?'' ====
+==== '''Q''': ''Why is my login failing with an error message telling me to use "Firefox Accounts/GitHub/Google/LDAP/etc" instead?'' ====
 If your login (your primary email address used by Mozilla IAM) matches an existing account which provides higher
@@ Line 32: / Line 32: @@
 We only allow login, or authentication methods that can verifiably require two-factor authentication (2FA) in order to join any group that may grant you access to data that is not public, such as what we call [https://wiki.mozilla.org/Security/Data_Classification STAFF CONFIDENTIAL data].
-At the time of writing, only LDAP, Google accounts that use our LDAP backend (i.e. '''not''' '@gmail.com' accounts) and GitHub account support this functionality.
+At the time of writing, only LDAP, Google accounts that use our LDAP backend (i.e. '''not''' '@gmail.com' accounts), Firefox accounts and GitHub accounts support this functionality.
-Example: you could get a GitHub account with two-factor authentication enabled. Here's some documentation on how to do this: https://help.github.com/articles/about-two-factor-authentication/
+Example: you could get a GitHub account with two-factor authentication enabled. Here's some documentation on how to do this: https://help.github.com/articles/about-two-factor-authentication/. <br>
+Firefox Accounts also supports two-factor-authentication: https://blog.mozilla.org/services/2018/05/22/two-step-authentication-in-firefox-accounts/.
 If more authentication methods add support for this in the future and seem to be otherwise safe, we'll gladly allow them as well.
@@ Line 91: / Line 92: @@
     [[File:Mozillians_-_add_identity.png|450px]]
 .  Select “Log in with Github” option in next page.
-    [[File:Mozillians_-_verify_account.png|280px]]
+    [[File:1_-_nlx.png|280px]]
 .  Click Authorize mozilla. If you’re logged in to github in the same browser, you can skip the next 2 steps.
     [[File:Mozillians_-_authorize_mozilla.png|300px]]
@@ Line 103: / Line 104: @@
     [[File:Mozillians_-_github_login_identity.png|400px]]
 . Trying to login with email to mozillians will return an error page, asking to login with github.
-    [[File:Mozillians_-_forbidden_page_message_-_github.png|350px]]
+    [[File:2-_error.png|350px]]
 ==== '''Q''': ''The email address I use to login to my mozillians account matches the primary email of my github account. How can I upgrade my mozillians account from passwordless to github?'' ====
@@ Line 109: / Line 110: @@
 .  In the following steps we assume you have 2FA set for your github account. If not, see the steps from [https://wiki.mozilla.org/IAM/Frequently_asked_questions#Q:_How_can_I_set_up_two-factor_authentication_.282FA.29_for_my_github_account.3F here].<br>
 .  Navigate to mozillians page and click Log In/Sign Up button. <br>
-.  Select “Log in with Github” method from mozillians login page. <br>
+.  Select “Continue with Github” method from mozillians login page. <br>
-    [[File:Mozillians_-_login_ways.png|350px]]
+    [[File:3_-_moz_login.png|350px]]
 .  Enter Github credentials.
     [[File:Mozillians_-_login_with_github_to_upgrade_account.png|350px]]
@@ Line 118: / Line 119: @@
     [[File:Mozillians_-_upgrade_to_github.png|350px]]
 .  Trying to login with email to mozillians will return an error page, asking to login with github.
-    [[File:Mozillians_-_forbidden_page_message_-_github.png|350px]]
+    [[File:2-_error.png|350px]]
+==== '''Q''': ''The email address I use to login to my mozillians account matches the primary email of my Firefox Accounts account. How can I upgrade my mozillians account from passwordless to Firefox Accounts?'' ====
+.  In the following steps we assume you have 2FA set for your Firefox Accounts account. If not, see the steps from [https://blog.mozilla.org/services/2018/05/22/two-step-authentication-in-firefox-accounts/ here].<br>
+.  Navigate to mozillians page and click Log In/Sign Up button. <br>
+.  Select “Continue with Firefox” method from mozillians login page. <br>
+   [[File:3_-_moz_login.png|350px]]
+.  Enter Firefox Accounts credentials.
+   [[File:5_-_fxa_login.png|350px]]
+.  Enter 2fa code from your application.
+   [[File:9_-_fxa_2fa.png|300px]]
+.  Navigate to Settings -> Profile Identities section, and verify that Firefox Accounts is set as your login identity. That means this is the only account you can use from now on to login to mozillians.
+   [[File:8_-_fxa_primary.png|350px]]
+.  Trying to login with email to mozillians will return an error page, asking to login with Firefox Accounts.
+   [[File:7_-_fxa_error.png|350px]]
 ==== '''Q''': ''How can I upgrade my mozillians account from passwordless to LDAP?'' ====
 .  Login to mozillians with your email.<br>
-   NOTE: If you are logged in to a Mozilla website or to gmail with your LDAP account in your browser, you will probably be prompted to directly login with LDAP, after clicking "Log In" button in mozillians. In that case, please follow the next 2 steps, in order to login with email.
-   a. Click "Use a different account" link.
-   [[File:Mozillians_-_use_a_different_account.png|300px]]
-   b. Select "Login with email" option.
-   [[File:Mozillians_-_login_options_available.png|300px]]
-   c. Enter your email address and click "Send Email" button. Next, you will receive an email with the login link to mozillians.
-   [[File:Mozillians_-_enter_email.png|300px]]
 .  Navigate to profile settings page.
     [[File:Mozillians_-_go_to_settings.png|350px]]
 .  Scroll down to “Profile Identities” section and click “Add Identity” button.
     [[File:Mozillians_-_add_identity_-_ldap.png|350px]]
-.  Select "Log in with LDAP" in the next page.
+.  Enter your LDAP email in the "Log in with email" field and click "Enter" button.
-    [[File:Mozillians_-_login_with_ldap.png|300px]]
+    [[File:4_-_add_Ldap_identity.png|300px]]
-.  Enter your LDAP credentials and click "LOG IN" button.
+.  Enter your LDAP password and click "Enter" button.
-    [[File:Mozillians_-enter_ldap_credentials.png|300px]]
+    [[File:5_-_add_ldap_password.png|300px]]
 .  Enter 2fa code from your application and click "Log In" button.
     [[File:Mozillians_-_ldap_-_enter_2fa_code.png|250px]]
@@ Line 172: / Line 181: @@
 .  Scroll down to “Profile Identities” section and click “Add Identity” button.
     [[File:Mozillians_-_profile_page.png|350px]]
-.  Select "Log in with LDAP" in the next page.
+.  Enter your LDAP email in the "Log in with email" field and click "Enter" button.
-    [[File:Mozillians_-_login_with_ldap.png|200px]]
+    [[File:10_-_volunteer_LDAP.png|300px]]
-.  Enter your volunteer LDAP credentials and click "LOG IN" button.
+.  Enter your LDAP password and click "Enter" button.
-    [[File:Mozillians_-_enter_ldap_credentials.png|200px]]
+   [[File:5_-_add_ldap_password.png|300px]]
-.  Verify that success message is displayed, after adding the new LDAP identity.
+.  Enter 2fa code from your application and click "Log In" button.
+    [[File:Mozillians_-_ldap_-_enter_2fa_code.png|250px]]
+.  Verify that success message is displayed, after adding the new LDAP identity.
     [[File:Mozillians_-_success_message.png|350px]]
 .  Scroll down to “Profile Identities” section and verify that your volunteer LDAP account is set as your login identity. That means this is the only account you can use from now on to login to mozillians.
     [[File:Mozillians_-_no_mfa_ldap_added_identity.png|350px]]
@@ Line 187: / Line 198: @@
 .  Scroll down to “Profile Identities” section and click “Add Identity” button.
     [[File:Mozillians_-_add_identity_google.png|350px]]
-.  If you logged in with github in mozillians, you will probably be asked to select the github login. As you want to verify your google account, you should click "Use a different account link" at this step.
-   [[File:Mozillians_-_use_different_account.png|200px]]
 .  Select "Log in with Google" in the next page.
-    [[File:Mozillians_-_login_with_google.png|200px]]
+    [[File:3_-_moz_login.png|200px]]
 .  Enter your google email, then click Next.
     [[File:Mozillians_-_enter_google_email.png|250px]]
@@ Line 197: / Line 206: @@
 .  Verify that success message is displayed, after adding the new Google identity.
     [[File:Mozillians_-_success_message.png|350px]]
-.  Scroll down to “Profile Identities” section and verify that your Google account is set as your login identity.
+.  Scroll down to “Profile Identities” section and verify that your Google account is in your Contact identities section.
     [[File:Mozillians_-_google_identity.png|350px]]