We’re moving into enterprise and these larger businesses need SSO.
Background
There’s basically one way to build this, but we have an option of whether we build it ourselves or use a 3rd party vendor to deliver on it.
Scope
We are limiting the scope to two reasonable implementations of SSO given our prior knowledge and research into the existing solutions space. We will compare the two options and use this doc to decide on which high level approach to take.
Requirements
We require SSO for our new enterprise clients and to date have not supported the technology. We plan to either build our own or purchase a commercially available solution. In either case, we need to support, at minimum, SSO via Okta and other SCIM providers.
SSO reviewers & stewards
#  Person       Role
1  Buck Dubois  Eng Lead
2  James Booth  Security Lead
3  Joel Davis   VP of Eng
🖌 High level design
Having considered the option space, we decided to either implement SSO functionality ourselves, based on industry standards published by Microsoft, or implement a third party library which handles the authentication for us. In the latter case, we will wrap the API with a custom UX.
Potential implementations considered
Build it ourselves
This would give us greater control but will take more time and investment.
Partner with 3rd party
There is a growing number of plug-and-play technologies that work with our stack. These would enable us to get to market faster and focus on our other advantages.
🧪 Testing
Unit Tests
We will integrate the new SSO functionality into our existing unit test suite. Specifically, we will add unit tests for user creation, deletion, and modification via SSO, as well as the full sign in and out process.
Integration Tests
Our integration tests will interact with the third party sandbox environment if we decide to use a third party provider. If not, we will build our own ‘faker service’ to replicate the response of a typical provider.
Visual Tests
All new UIs for user sign in and admin provisioning will be added to Storybook.
💬 Discussion
1. Topic: Can we see examples of how competitors have designed this to get a better idea of what’s possible? Author: Polly Rose
2. Topic: Is this a priority now? Or can it wait a few months?