identity
identity copied to clipboard
heroku
[DEPRECATED] Login and OAuth management service for Heroku
 whenever i try to deploy a heroku app from my github repo, this is what happens. Help me out. Github repo : [fantony](https://github.com/Tonyfanto/fantony) problem facing area : [heroku...
If you attempt to change your email and click the confirmation link using a browser that's not logged in, you'll see a login screen. If you attempt to login at...
So people will be more aware of what's going on when trying to log in. /cc @heroku/sre for interest!
Steps to reproduce 1. Setup [email protected] account 2. Login as [email protected] 3. Logout 4. Reset password for [email protected] account 5. No reset is sent! 6. Lookup the password reset hash...
During an SSO init, if an existing oauth dance is going on with an untrusted client, this line will show the authorization page: https://github.com/heroku/identity/blob/master/lib/identity/login_external.rb#L24 Then when 'Authorize' button is hit...
[In DevCenter](https://devcenter.heroku.com/articles/two-factor-authentication#recovering-from-lock-out), we warn: > If you are locked out due to a two-factor issue, DO NOT reset your password. We should put this on the reset password page.
In https://id.heroku.com/account/password/reset, if you leave the email input blank and clicks on submit, looks like everything went well.   The email input field should be required to avoid this.
We upgraded fernet to the latest but there's still some code to fallback to the legacy fernet: https://github.com/heroku/identity/pull/205. The TTL for cookie is 2592000 sec (30 days). We should be...
