Summary:
Allow users to define custom error messages for login policy denials triggered by specific login policy conditions.
Context:
Currently, when a login attempt is denied due to policy, users see a generic message such as:
could not authorize user: could not evaluate precomputed space access: login denied by policy
This message provides no actionable guidance for users and often results in unnecessary support tickets.
Use Case:
In some of our environments, login denials occur because users are not connected to the VPN. It would be extremely helpful to display a more specific message in those cases, for example:
βLogin denied by policy: please ensure you are connected to the VPN and try again.β
Requested Behavior:
Enable users to configure custom error messages for specific policy conditions.
Optionally, allow message templates or variable substitution (e.g., referencing the failed condition).
Perhaps maintain the option to log the detailed technical reason separately for debugging somewhere, while showing a user-friendly message in the UI.
Benefits:
Improves user experience and reduces confusion.
Decreases support load by providing clear, actionable guidance.
Please authenticate to join the conversation.
π In Review
π‘ Feature Requests
Access Control
5 months ago
Get notified by email when there are changes.
π In Review
π‘ Feature Requests
Access Control
5 months ago
Get notified by email when there are changes.