Write Technote to allow a new Platform to implement single sign on using GitHub authentication

[silvester-pari]

Note that a new Platform should be able to follow this process to allow an authenticated GitHub user to: 1) Navigate to the EarthCODE portal 2) Click on a link to a third party platform 3) Go to the third party platform and gain access as an authenticated GitHub user on that platform.

Silvester to confirm that this user Journey (or another acceptable one) can be implemented without lots of pain and define how it will work.

We need this in place to have an integration solution to work with any platform selected for EarthCODE.

ESA: authentication with EOIAM may need to be considered later, but not now.

[silvester-pari]

This tech note can be provided once we have the basic EarthCODE Portal set up and first integration of an external service, so we can concretely describe the steps and configuration to integrate external services.

[silvester-pari]

Here is a first draft of the technote, please note that additional technical details (like e.g. configuration snippets) will be provided once verified (see previous message):

---

EarthCODE TechNote: Seamless Cross-Platform Login via GitHub

Purpose: To provide EarthCODE users with a streamlined login experience when accessing EarthCODE resources and third-party platforms that utilize GitHub as an identity provider (IdP).

Prerequisites:

• EarthCODE Account: Users must have an existing EarthCODE account associated with their GitHub profile.
• Third-Party Platform Account: Users must have an account (or be eligible to create one) on the third-party platform that utilizes GitHub as an IdP.

Steps:

1. EarthCODE Login: Navigate to the EarthCODE Portal and initiate the login process. Select "Login with GitHub" and authorize the EarthCODE application to access your GitHub profile.

2. Access Third-Party Link: Upon successful EarthCODE login, locate and click on the link or button that directs you to the third-party platform.

3. GitHub Authentication Redirect: You will be automatically redirected to the GitHub authentication page. If you are already logged into GitHub in your current browser session, you will be seamlessly logged into the third-party platform.

4. Additional Permissions (if needed): The third-party platform may request additional permissions from your GitHub account beyond those requested by EarthCODE. If so, you will be prompted to review and agree to these permissions before proceeding.

Technical Considerations:

• OAuth 2.0: This seamless login experience is based on the OAuth 2.0 authorization protocol, which allows secure delegation of authentication and authorization between EarthCODE, GitHub, and the third-party platform.

• User Consent: Users will be explicitly asked to grant permission for EarthCODE and the third-party platform to access their GitHub profile information during the authentication process.

• Security: The exchange of authentication tokens and user information is secured using industry-standard encryption protocols.

Additional Notes:

This process is designed to simplify the user experience by minimizing the number of login prompts. The technical implementation may vary slightly depending on the specific third-party platform.