Skip to main content

Improved Account Security

We are moving to a new sign-in flow for all users as part of an upcoming release. The change will improve your account security by enforcing SSO and removing support for passwords for Git over HTTPS.

What this means

New sign-in experience

Users on will be directed to a new sign-in experience when logging in. You will be redirected to, which will become the centralized login service for all of

Git authentication


Git over HTTPS will no longer support username & password authentication, users must use the more secure Personal Access Token or use Git over SSH instead.


Web IDE and DDE DevReady users are unaffected by git authentication changes

After this change, you can no longer use password authentication when using Git over HTTPS to your local machine. The only supported methods will be HTTPS using personal access tokens (PAT) and SSH.

Users who had previously configured username and password authentication will need to create a personal access token and reconfigure their Git repositories to username and PAT authentication before running any new git clone, git push, or git pull commands.

Importing repositories by URL will also be affected by this change, but you can still use this functionality by replacing the password with a personal access token.

SSO login enforced

For customers with SSO configured, SSO logins will now be enforced. Users will no longer be able to sign in with a username and password.

SSO redirect URL changes


The domain used in redirect URLs is changing from to Customer SSO configured will need to be updated in advance.

We will be reaching out to affected customers.

OpenID Connect, Google Workspace & Microsoft Azure AD

OpenID Connect, Google Workspace, and Microsoft Azure AD all support multiple redirect URLs. Customers simply need to add a new redirect URL from to

Microsoft Azure AD Example:

Azure -> App Registrations -> -> Authentication

high-level Microsoft Azure AD Example !!shadow!!

SAML 2.0, ADFS & Ping Federate

Multiple redirect URLs are unsupported for SAML 2.0, ADFS, and Ping Federate. Therefore we will work with customers directly to configure a second connection in advance, which we will automatically switch to when the change is rolled out on

Support for 3rd party email domains

These changes also add support for 3rd party users to be added to your identity provider to allow them to log in to SSO customers will no longer be restricted on the email domains that can be used from their IDP.

Non-SSO customers

For customers not using SSO, users will continue to sign in using their username and password.

Reset/Change password

Non-SSO users can reset/change their password by selecting the Forgot your password? link during the new sign-in experience. Here they can enter their email address and receive a password reset email which will allow them to set a new password for their account.

Getting support

If you have any issues related to the SSO migration, don't hesitate to contact our support team.