SIT-12385: Single Sign-On with Auth0

How to Use This Feature

BOE SSO with Auth0 Authentication

Overview

This feature enables single sign-on (SSO) for BOE through Auth0 authentication API. It allows partners to log in using their email and password while ensuring only valid users can access the application.

Behavior

* Login Flow

+ When the feature flag is enabled, the BOE login uses Auth0 authentication flows.

+ Partners can log in successfully using their email and password.

+ Signing up from the BOE login page is not possible (behavior should be continued).

+ Only users created within the BOE application can log in.

* Role and Permission Preservation

+ The user's roles and permissions remain intact when logging in with Auth0 authentication.

* Legacy Login Flow

+ When the feature flag is disabled, the BOE login uses legacy BOE authentication flows.

+ Partners must access the BOE application using the same method if they have a new account created with the Auth0 flag enabled.

Validation

The feature has been validated through testing scenarios, including:

  • Login with previous method (still working for now)
  • User can log in with correct credentials
  • User is not able to log in without correct credentials
  • Metadata logs are pending implementation
  • Roles and permissions have not been modified
  • Login with valid passkey
  • Invalid passkey does not allow login
  • Trust device

    • Additional Information

    Status: UAT
    Assigned to: Robert Frazee
    🏠 Home View in Jira