SSO - Login flow but only for users in bubble

Need help APIs
1

I have built a SSO Login (which actually is a signup/login) flow according to bubble instructions for employees within our Active Directory.
Works fine, but I would like to create a workflow that will not log the users (as I actually only need log action) when they are not in the user database. As the goal is that not all employees from AD should be able to log in.

image
image347Ă—247 7.41 KB

But I cannot fetch the user information without signing them in.
Anybody had a solution for that?

2

Based on the flow you’ve built, it seems like you’re currently logging the user in as soon as the Microsoft SSO API is triggered.

Here’s what you can do:

  1. Fetch the user information (Step 2 – MS SSO - Get Microsoft Signup Info).
  2. Check if the user exists in your database. Use a “Do a search for Users” step to check if the user’s email or unique ID (from the Microsoft data) exists in your database.
  • Example: Search for Users: Email = Result from Step 2’s email.
  1. If the user is found, proceed to Log the user in.
  2. If the user is not found, prevent logging them in by adding a condition to the Log the user out step:
  • Only run the action if the user exists in the database (i.e., when the search result is not empty).

This way, you’re checking the user’s existence in your database first and only logging them in if they match a record. If they don’t exist in the database, you’ll prevent any login actions.

Let me know if this approach works or if you need further clarification!

1 Like
3

When I have shuffled those workflows I receive 401 error and the flow stopped working. I think Im missing another call to get the user data to validate them before I actually log them in.

1 Like
4

Hey!

The 401 error happens because the user needs to be logged in first to fetch their info via Microsoft SSO. Here’s what to do:

  1. Log the user in with the Microsoft SSO API.
  2. Fetch the user data after they’re logged in using the “Get Microsoft Signup Info” action.
  3. Check your database if the user exists.
  4. If they exist, log them in; otherwise, redirect or show an error message.

You need to log the user in before accessing their info. If you try to fetch data without logging them in first, you’ll get a 401.

Hope that helps! Let me know if it doesn’t work.

5

That’s exactly what I did but the problem is action nr 1 actually logs the user in / creates an account before I can stop it. So I am looking for a call/solution which prevents this call to authorize the user before he gets in.
I would like to sort of pre - log him to extract his information.

6

Is it possible to use the Microsoft API to fetch user information before using the “Signin/Login” action?

Normally, Bubble’s SSO flow logs the user in immediately when using the Microsoft login action, but you want to first fetch the user data and then decide whether to log them in or not. I think you have to do this within Bubble’s API workflow?

7

Thats what I want to try as a solution - to first fetch, then login. But i was wondering if a anybody has a copy paste solution. Big thanks as discussion with you helps me to fix this case!