chore: new hosted auth handler #9045
Conversation
nunogois
requested review from
ivarconr,
chriswk,
gastonfournier,
daveleek and
sjaanus
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
1 Skipped Deployment
|
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF Scorecard
Scanned Files |
| label: 'SCIM', | ||
| component: <ScimSettings />, | ||
| }); | ||
| } |
There was a problem hiding this comment.
I need some guidance here.
Isn't SSO an Enterprise-only feature anyways?
AFAIK there's no way to get authenticationType === 'enterprise' in a hosted Pro instance. A Pro instance would simply display "Your Unleash instance is managed by the Unleash team." and not allow you to configure SSO. Am I missing something?
This PR simplifies our logic to rely on the plan instead of the auth type and protect SSO configuration behind the Enterprise plan.
If we're okay with this, then maybe we should protect the route from showing up at all for non-Enterprise plans on a follow-up PR.
There was a problem hiding this comment.
I think this is an improvement indeed, there used to be a flag there that got removed, and the isEnterprise check stayed behind.
nunogois
force-pushed
the
chore-new-hosted-auth-handler
branch
from
f6a6f72 to
33ac286
Compare
https://linear.app/unleash/issue/2-3074/add-sign-in-with-google-to-our-hosted-instances-when-only-password-is
https://linear.app/unleash/issue/2-3078/allow-viewer-access-from-auth-app-for-payg
Adds support for a new unified hosted auth handler.
This new auth handler provides a Google sign in option in case you don't have an SSO provider configured. It also provides a way for auth-app to sign in with Unleash's read-only user for Pro and Enterprise PAYG instances.
Check the PR comments for more details.