SSO and Development Workflow

Help me!
1

@louis I don’t know if you are still our customer rep, but just in case I thought I would tag you. If that account has been handed off to someone else, then please tag them. Thanks.

Feature(s) impacted

  • Development Workflow

Observed behavior

When attempting to init my project that has SSO enabled, I get an error:

√ Selecting your project
× Analyzing your setup
× This token is not allowed to access resources for the organization Finicity, a MasterCard Company, which requires you to connect using SSO

Expected behavior

Should be a way to added developer tokens to allow access to the project.

Failure Logs

√ Selecting your project
× Analyzing your setup
× This token is not allowed to access resources for the organization Finicity, a MasterCard Company, which requires you to connect using SSO

Context

SSO has only recently been enable, and developer workflow was not set up prior to SSO

  • Project name: woodpecker
  • Team name: developers
  • Environment name: all environments
  • Agent type & version: “forest-express”: “^9.4.4”, “forest-express-sequelize”: “^8.5.4”
  • Recent changes made on your end if any: Enabled SSO
3

Hello @Andrew_Prior,

To access any project that has SSO enabled you must be connected using SSO to avoid any security issues. You can perform the forest user command to see if you are connected with your regular account or with the SSO one.

Example of account connected without SSO

> forest user
> Email: morganp@forestadmin.com (connected without SSO)

In this case, can you can:

Example of account connected with SSO

> forest user
> Email: morganp@forestadmin.com (connected with SSO)

This time this token allows you to perform actions on a project with SSO enabled. :pray:

Let me know if you encounter any issues.

Kind regards,
Morgan

1 Like
4

As a side note, you can also generate an application token from the Account Settings while connected with SSO.

Account Settings > Application tokens > + add Generate a new token

Then you can use it with:

forest login --token=<YOUR_SSO_APPLICATION_TOKEN> --email=<YOUR_EMAIL>

Kind regards,
Morgan

5

When I try to generate a token on my account I get an error:

Our server encountered an error

The console has this error in it:

Error while processing route: user-settings.application-tokens.generate Cannot read properties of undefined (reading 'id') TypeError: Cannot read properties of undefined (reading 'id') at i.captureSelectedTeam (https://app.forestadmin.com/assets/client-8824b3af4501269ea6ba01758c5c5554.js:1:4197884) at i.captureContext (https://app.forestadmin.com/assets/client-8824b3af4501269ea6ba01758c5c5554.js:1:4197661) at r.ensureCurrentUserIsPopulated (https://app.forestadmin.com/assets/client-8824b3af4501269ea6ba01758c5c5554.js:1:4060050) at n.beforeModel (https://app.forestadmin.com/assets/client-8824b3af4501269ea6ba01758c5c5554.js:1:3937902) at M.runBeforeModelHook (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:456853) at https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:455654 at b (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:475141) at v (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:475033) at invoke (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:418835) at d.flush (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:417895) at p.flush (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:419675) at B._end (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:424760) at B._boundAutorunEnd (https://app.forestadmin.com/assets/vendor-b22584ca7f56c6365d876dac31ad6280.js:58:421182)

6

Hey @Andrew_Prior,

Sorry for the inconvenience. I’m not able to reproduce the issue (either in normal or SSO authentications).

  • Were you connected in SSO while you encounter the error?
  • Did you generate it with the interface (Account Settings)?

Kind regards,
Morgan