The switch from `full-user-credentials` to `taskcluster-credentials` has now occurred, meaning users will see a one-off Auth0 scopes prompt for the new permissions next time they log into Treeherder.
The cause of the frequent log-outs is also believed to be fixed - please comment on bug 1437824 if experiencing otherwise. (Sessions will be maintained as long as the site has been visited once every 24 hours; bug 1439858 is filed for seeing if that can be raised to extend over weekends etc) Best wishes, Ed On Friday, 9 February 2018 17:30:26 UTC, ha...@mozilla.com wrote: > Hi, > > I am writing to inform you about Treeherder’s new login flow. In the past, > logging in with Treeherder meant being redirected to the > login.taskcluster.net service. This had a couple of drawbacks, but one of the > main annoyance was that credentials expired every 3 days. You are probably > already familiar with the following error: "Your credentials are expired. > They must expire every 3 days (Bug 1328434). Log out and back in again to > refresh your credentials." > > The new login flow now uses Auth0 instead of login.taskcluster.net for SSO. > Some relevant information to note: > > - When you login for the first time, you will get a prompt asking permission > for treeherder.mozilla.org to access “full-user-credentials”. It’s not > something to be worried about. This is simply a request to access your > taskcluster credentials. Bug 1437116 was created to change that to > "taskcluster-credentials”. > > - Treeherder session will stay alive as long as access to the site happens > once every 24 hours. 3 days session expiry is no longer in effect. > > - If an email is associated with multiple login providers, then the most > secure login method should be used (LDAP > GitHub 2FA > GitHub > Google > > Passwordless). > > Thanks, > Hassan _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
