Improved Account Security
We are moving to a new sign-in flow for all users as part of an upcoming DataOps.live release. The change will improve your account security by enforcing SSO and removing support for passwords for Git over HTTPS.
What this means
New sign-in experience
Users on DataOps.live will be directed to a new sign-in experience when logging
in. You will be redirected to
auth.dataops.live, which will become the
centralized login service for all of DataOps.live.
Git over HTTPS will no longer support username & password authentication, users must use the more secure Personal Access Token or use Git over SSH instead.
Web IDE and DDE cloud users are unaffected by git authentication changes
After this change, you can no longer use password authentication when using Git over HTTPS to your local machine. The only supported methods will be HTTPS using personal access tokens (PAT) and SSH.
Users who had previously configured username and password authentication will
need to create a personal access token and reconfigure their Git repositories to
username and PAT authentication before running any new
git pull commands.
Importing repositories by URL will also be affected by this change, but you can still use this functionality by replacing the password with a personal access token.
SSO login enforced
For customers with SSO configured, SSO logins will now be enforced. Users will no longer be able to sign in with a username and password.
SSO redirect URL changes
The domain used in redirect URLs is changing from
auth.dataops.live. Customer SSO configured will need to be updated in advance.
We will be reaching out to affected customers.
OpenID Connect, Google Workspace & Microsoft Azure AD
OpenID Connect, Google Workspace, and Microsoft Azure AD all support multiple
redirect URLs. Customers simply need to add a new redirect URL from
Microsoft Azure AD Example:
Azure -> App Registrations -> DataOps.live -> Authentication
SAML 2.0, ADFS & Ping Federate
Multiple redirect URLs are unsupported for SAML 2.0, ADFS, and Ping Federate. Therefore we will work with customers directly to configure a second connection in advance, which we will automatically switch to when the change is rolled out on DataOps.live
Support for 3rd party email domains
These changes also add support for 3rd party users to be added to your identity provider to allow them to log in to DataOps.live. SSO Customers will no longer be restricted on the email domains that can be used from their IDP.
If you have any issues related to the SSO migration, don't hesitate to contact our support team.