Require email verified user for phone verification endpoints (!137633) · Merge requests · GitLab.org / GitLab

Eugie Limpin requested to merge el-require-email-for-phone-verification into master Nov 22, 2023

What does this MR do and why?

Follow-up to Reverse the order of identity verification steps (!137513 - merged)

With Reverse the order of identity verification steps (!137513 - merged) users are now required to verify their email first before they can see the phone verification step (and subsequently the CC verification step). In this MR, we ensure users are required to verify a phone number and they are email verified first before they can hit the phone verification endpoints.

Screenshots or screen recordings

Before	After

How to set up and validate locally

See https://gitlab.com/groups/gitlab-org/modelops/anti-abuse/-/epics/30#note_1663160775

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Nov 23, 2023 by Eugie Limpin

Require email verified user for phone verification endpoints

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports