From 04024aeaf0da2266923ea81bc5f5d195355625f9 Mon Sep 17 00:00:00 2001
From: Thijs Kinkhorst <thijs@kinkhorst.com>
Date: Wed, 29 Nov 2023 15:00:32 +0100
Subject: [PATCH] Default feature block_user_on_violation to on

For new installs this makes sense - the scope check is only done when
you add scopes in Manage anyway, but if you add them, it's a safer
default that they are actually enforced.

The feature flag mostly exists to phase in scopes where you previously
not had enabled them, so you want to start logging first.
---
 app/config/parameters.yml.dist | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index def1be713..3e66496b1 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -221,7 +221,7 @@ parameters:
     feature_api_metadata_api: true
     feature_api_deprovision: true
     feature_run_all_manipulations_prior_to_consent: false
-    feature_block_user_on_violation: false
+    feature_block_user_on_violation: true
     feature_enable_consent: true
     feature_stepup_sfo_override_engine_entityid: false