Hello. I am working on a user synchronization system from our companies main product, Workspace. I have made a REST api that inserts users into CRM, triggered from Workspace. Now, I want to customize sugar login the following way: Do the regular stuff and check username and password. If there is a match, cool, do as usual. If not, instead of directly jumping out with the "invalid credentials" message contact Workspace with the hashed password and username and if there is a match there, do as if the hash was correct in the first place. PS: This is a mock-up replacement for single sign on, until we develop that properly, using SAML and open ID connect. That means the user is present in the CRM system but I am failing to match the way workspace hashes the password with the way sugar hashes the password. The result is if I try to log into CRM, I get the "invalid credentials" error. So what file and method I would need to customize?
