Hi, I am writing to inform you about Treeherder’s new login flow. In the past, logging in with Treeherder meant being redirected to the login.taskcluster.net service. This had a couple of drawbacks, but one of the main annoyance was that credentials expired every 3 days. You are probably already familiar with the following error: "Your credentials are expired. They must expire every 3 days (Bug 1328434). Log out and back in again to refresh your credentials."
The new login flow now uses Auth0 instead of login.taskcluster.net for SSO. Some relevant information to note: - When you login for the first time, you will get a prompt asking permission for treeherder.mozilla.org to access “full-user-credentials”. It’s not something to be worried about. This is simply a request to access your taskcluster credentials. Bug 1437116 was created to change that to "taskcluster-credentials”. - Treeherder session will stay alive as long as access to the site happens once every 24 hours. 3 days session expiry is no longer in effect. - If an email is associated with multiple login providers, then the most secure login method should be used (LDAP > GitHub 2FA > GitHub > Google > Passwordless). Thanks, Hassan _______________________________________________ dev-platform mailing list email@example.com https://lists.mozilla.org/listinfo/dev-platform