I am writing to inform you about Treeherder’s new login flow.  In the past, 
logging in with Treeherder meant being redirected to the login.taskcluster.net 
service. This had a couple of drawbacks, but one of the main annoyance was that 
credentials expired every 3 days. You are probably already familiar with the 
following error: "Your credentials are expired. They must expire every 3 days 
(Bug 1328434). Log out and back in again to refresh your credentials."

The new login flow now uses Auth0 instead of login.taskcluster.net for SSO. 
Some relevant information to note:

- When you login for the first time, you will get a prompt asking permission 
for treeherder.mozilla.org to access “full-user-credentials”. It’s not 
something to be worried about. This is simply a request to access your 
taskcluster credentials. Bug 1437116 was created to change that to 

- Treeherder session will stay alive as long as access to the site happens once 
every 24 hours. 3 days session expiry is no longer in effect.

- If an email is associated with multiple login providers, then the most secure 
login method should be used (LDAP > GitHub 2FA > GitHub > Google > 

dev-platform mailing list

Reply via email to