News & Announcements User Community Developer Community

Welcome to the RingCentral Community

Please note the community is currently under maintenance and is read-only.

Make sure to review our Terms of Use and Community Guidelines.
  Please note the community is currently under maintenance and is read-only.
Home » Users
Disable users from changing email in SSO
Tags: admin portal, permissions
Oct 19, 2020 at 9:38am   •   3 replies  •  0 likes
Dean Eckstrom

We want to be able to allow users access to "User Hours". Unfortunately Role permission to change it is grouped under "User Info" permission which contains other fields we can not allow users to change.

We disables "User Info" to prevent users from changing their account email address in our SSO environment. If they do that, they are unable to sign-in via campus SSO and they loose access to their RC account.

Some items underneath User Info->Settings and Permissions are appropriate and very useful to end users. For instance "User Hours".

Is there another way, or future plans, to allow users access "User Hours" without also allowing them to change the account email?

3 Answers
answered on Oct 23, 2020 at 4:49am  

Do not feel compelled to answer quickly. Examine the issues more carefully.

answered on Oct 23, 2020 at 4:40am  


The 'User Info' permission applies Equally to these attributes of concern:

email address. - we want to disallow updates
password/pin - we want to allow updates
user hours - we want to allow updates

how does one Allow password and User hours, but Disallow updates to eMail? They are all part of 'User Info' role permission. The permission assignment needs more 'granularity'.

This is extremely critical in an SSO environment where login is based on email address. If a user changed email, they break their account access based on our testing. It also causes IT administrative headaches to correct API problems that result.

A general security philosophy is "Do not give users access to things that break things". Our user community has already, and will continuously, change this field if the App lets them.

For this reason we had to shut off User Info. However there are critical user features such as 'User Hours' and 'PIN Reset' (including via *86) that are also disabled by this permission setting.

answered on Oct 22, 2020 at 7:49am  

Hello @Dean Eckstrom! Yes, you can do that! By doing custom roles for your employees. Click HERE for more info. Thank you!

answered on Oct 22, 2020 at 7:54am  

I believe you can not do that. eMail and User Hours are part of the same permission 'User Info'.

One can not separate the two I believe. You can not disable email without disabling User Hours



A new Community is coming to RingCentral!

Posts are currently read-only as we transition into our new platform.

We thank you for your patience
during this downtime.

Try Workflow Builder

Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!

Try RingCentral Workflow Builder

Developer Platform
Integrated Apps
App Gallery
Developer support
Games and rewards

Resource center
Product Releases
App Download
RingCentral App login
Admin Portal Login
Contact Sales
© 1999-2024 RingCentral, Inc. All rights reserved. Legal Privacy Notice Site Map Contact Us