Skip to main content

Improved Account Security

We are moving to a new sign-in flow for all users as part of an upcoming DataOps.live release. The change will improve your account security by enforcing SSO and removing support for passwords for Git over HTTPS.

What this means

New sign-in experience

Users on DataOps.live will be directed to a new sign-in experience when logging in. You will be redirected to auth.dataops.live, which will become the centralized login service for all of DataOps.live.

Git authentication

caution

Git over HTTPS will no longer support username & password authentication, users must use the more secure Personal Access Token or use Git over SSH instead.

note

Web IDE and DDE cloud users are unaffected by git authentication changes

After this change, you can no longer use password authentication when using Git over HTTPS to your local machine. The only supported methods will be HTTPS using personal access tokens (PAT) and SSH.

Users who had previously configured username and password authentication will need to create a personal access token and reconfigure their Git repositories to username and PAT authentication before running any new git clone, git push, or git pull commands.

Importing repositories by URL will also be affected by this change, but you can still use this functionality by replacing the password with a personal access token.

SSO login enforced

For customers with SSO configured, SSO logins will now be enforced. Users will no longer be able to sign in with a username and password.

SSO redirect URL changes

caution

The domain used in redirect URLs is changing from dataops.eu.auth0.com to auth.dataops.live. Customer SSO configured will need to be updated in advance.

We will be reaching out to affected customers.

OpenID Connect, Google Workspace & Microsoft Azure AD

OpenID Connect, Google Workspace, and Microsoft Azure AD all support multiple redirect URLs. Customers simply need to add a new redirect URL from https://dataops.eu.auth0.com/login/callback to https://auth.dataops.live/login/callback.

Microsoft Azure AD Example:

Azure -> App Registrations -> DataOps.live -> Authentication

high-level Microsoft Azure AD Example __shadow__

SAML 2.0, ADFS & Ping Federate

Multiple redirect URLs are unsupported for SAML 2.0, ADFS, and Ping Federate. Therefore we will work with customers directly to configure a second connection in advance, which we will automatically switch to when the change is rolled out on DataOps.live

Support for 3rd party email domains

These changes also add support for 3rd party users to be added to your identity provider to allow them to log in to DataOps.live. SSO Customers will no longer be restricted on the email domains that can be used from their IDP.

Getting support

If you have any issues related to the SSO migration, don't hesitate to contact our support team.