GSA-TTS / tts-tech-operations

TTS Technology Operations
https://handbook.tts.gsa.gov/tech-operations/
Other
6 stars 0 forks source link

GSA Auth - Figma #1745

Closed JJediny closed 1 week ago

JJediny commented 2 months ago
### Tasks
- [x] Submit Intake Form https://docs.google.com/forms/d/e/1FAIpQLSeyPMkNiJh70lPl2xsbg1UUeg5D-QG22YpoSVJlQQnpHeCeMw/viewform
- [x] Pre-communications to Users
- [x] Setup new SAML
- [x] Date selected to swap out IDP (10/11/24)
- [x] Swap SecureAuth to Okta SAML Certificate
JJediny commented 2 months ago

https://www.figma.com/files/1233938721735543664/admin/members?fuid=1334280196415662476

CSV user list pulled

JJediny commented 2 months ago

8/27 GSA Auth POC janaki.bhogineni@gsa.gov meeting and follow up

Hi John,

As discussed, I am sharing the Prod app "Figma-GSA" metadata with you. Please check with the vendor regarding downtime needed or any possibility of eliminating downtime. You can also plan any access management or authorization requirements with the vendor regarding new integration with GSA Auth(OKTA)

Please find the metadata of IDP here for "Figma-GSA" integration.

Figma never implemented SecureAuth and does not support authenticated SAML. Postponing migration to a net new application onboarding in Q1 FY25

cash466 commented 3 weeks ago

10/2/24 sent pre communication to user - planned authentication change for Friday 10/11/24

JJediny commented 1 week ago

We confirmed access with 5 users and turned on SSO only, we will have to carry a POAM for lack of vendor-side encryption (until/if it becomes supported by the vendor)