getsentry / sentry

Developer-first error tracking and performance monitoring
https://sentry.io

Allow both email/password and SSO login #46373

Open ghost opened 1 year ago

ghost commented 1 year ago

The page at https://develop.sentry.dev/self-hosted/sso/#sso-with-oauth mentions the following:

Once you enable SSO, this will be the only way to login to your self-hosted instance. If you need free registration along with SSO, you can comment on the [GitHub PR](https://github.com/getsentry/sentry/pull/16247) for this.

Both that PR and the linked issue are closed and locked by the github bot, so I am opening this issue instead of commenting on them.

To clarify, I do not want open registration. I want some users to be able to log in via SSO, and some users to log in with a password. Some users who should be able to view issues in our Sentry project don't have an account with our SSO provider, and unfortunately this means that nobody with an SSO account can use it.

Thanks!

getsantry[bot] commented 1 year ago

Assigning to @getsentry/support for routing, due by (sfo). ⏲️

getsantry[bot] commented 1 year ago

Routing to @getsentry/enterprise for triage, due by (sfo). ⏲️

dromadaire54 commented 1 year ago

It's very annoying to not be able to use the admin account.

ShipraShalini commented 1 year ago

We have GitHub SSO for the devs but the admin team doesn't have GitHub accounts. So devs need to email the invoice every month to the admin team as the admins can't log in. The other solution can be an option to send the invoice to certain emails every month.

getsantry[bot] commented 1 year ago

Routing to @getsentry/product-owners-sign-in for triage ⏲️

vicker commented 10 months ago

Just want to show my support to add this feature.

In my organisation's case, we have projects collaborating with 3rd party vendors. While we want to enforce internal staff to use SSO only, we still want the 3rd party vendors to use local account credentials.

leedongwei commented 10 months ago

@vicker If email/password login is allowed but open registration is disabled, how would an external vendor create a Sentry account? Would you want Sentry to have a separate account creation/provisioning flow?

I'm rather hesitant to implement this because it's an uncommon use-case. IT teams would typically create an SSO account for external vendors that's clearly labeled (e.g. email address is ext.firstnamelastname@company.com) so it's easier to onboard/offboard them.

vicker commented 10 months ago

@leedongwei

We will invite the vendor to join Sentry via email. Doing this manually is unavoidable somehow, as we also need to assign which projects the vendor could access.

On the other hand, the SSO account does have licensing concerns. Creating a bunch of paid accounts for vendors may not be justifiable. Not to mention that creating such accounts will also create recurring account operations like password policy, MFA, etc...

leedongwei commented 10 months ago

Gotcha. Yea, there's going to be a manual part to your workflow anyway.

It's not on the top of my priority queue but we can do this when the team has spare cycles.

Pashaflayt commented 3 months ago

Any news?

leedongwei commented 3 months ago

Still no updates. Sorry!

dmitry-mightydevops commented 3 weeks ago

Any updates?

leedongwei commented 3 weeks ago

Tech specs are being planned to rework authentication from the ground up, likely to start shipping in mid/late Q1.

Unfortunately, the login screen is on Django templates which will be deprecated, so we will not invest more time on it at the moment.