Gallery
eng
Engineering team hub
Share
Explore
Gallery
eng
Engineering team hub
Design docs

icon picker
SSO design

🗺 Context

Status:
In Review
. To track this feature, see
@SSO enhancement
.

storytelling

Abstract

We’re moving into enterprise and these larger businesses need SSO.

Background

There’s basically one way to build this, but we have an option of whether we build it ourselves or use a 3rd party vendor to deliver on it.

Scope

We are limiting the scope to two reasonable implementations of SSO given our prior knowledge and research into the existing solutions space. We will compare the two options and use this doc to decide on which high level approach to take.

Requirements

We require SSO for our new enterprise clients, and to date have not supported the technology. We plan to either build our own, or purchase a commercially available solution. In either case, we need to at minimum, support SSO visa Okta and other SCIM providers.
SSO reviewers & stewards
Person
Role
1
Buck Dubois
Eng Lead
2
James Booth
Security Lead
3
Joel Davis
VP of Eng
There are no rows in this table

🖌 High level design

Having considered the option space, we decided to either implement SSO functionality ourselves, based on industry standards published by Microsoft, or implement a third party library which handles the authentication for us. In the latter case, we will wrap the API with a custom UX.

Potential implementations considered

1-circle

Build it ourselves

This would give us greater control but will take more time and investment.
2-circle

Partner with 3rd party

There are increasingly more plug-and-play technologies that work with our stack. These would enable us to get it to market faster and focus on our other advantages.

🧪 Testing

Unit Tests

We will integrate the new SSO functionality into our existing unit test suite. Specifically, we will add unit tests for user creation, deletion, and modification via SSO, as well as the full sign in and out process.

Integration Tests

Our integration tests will interact with the third party sandbox environment if we decide to use a third party provider. If not, we will build our own ‘faker service’ to replicate the response of a typical provider.

Visual Tests

All new UI’s for user sign in and admin provisioning will be added to Storybook.


Looks good?
+7


💬 Discussion

Discussed
Topic
Author
Upvote
Notes
1
Can we see examples of how competitors have design this to get a better idea of what’s possible?
Polly Rose
2
Is this a priority now? Or can it wait a few months?
Adam Davis
There are no rows in this table





Gallery
Share
 
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.