OAuth Security Validation During SSO Login
Overview
This update introduces a security validation step during SSO login that ensures the instance OAuth credentials are valid before execution proceeds.
Objective
To validate OAuth credentials after an SSO login attempt. If the credentials do not pass verification against the selected instance, the execution is aborted, and the user is shown a friendly message.
Feature Details
Trigger: SSO login is initiated by the user.
New Check: After SSO authentication is successful, the system will:
- Retrieve the instance OAuth credentials.
- Validate the instance OAuth credentials.
Outcome
If validation passes: Execution will proceed.
If validation fails: Execution will not proceed and a message will appear.
Note:
This additional security layer is intended to prevent unauthorized access in scenarios where someone may have basic information about your instance, such as the instance ID or a valid username. By enforcing OAuth-based credential verification, the system ensures that only users with properly authenticated and configured OAuth access in CodeBot can proceed with execution. This helps protect against potential data leaks and enhances instance-level security by requiring verified authorization before any actions are allowed.
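The check described above, sketched as a fail-closed gate in Python. This is an added example, not CodeBot's own code: the names gate_execution, retrieve and verify, the credential fields and the sample data are assumptions. Using one user-facing message for every failure, with the specific reason kept for the server-side log, is a design choice of the example rather than something this page states.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Single user-facing text for every failure; the wording is constructed.
FRIENDLY_MESSAGE = "We could not verify OAuth access for this instance, so execution was not started."

@dataclass(frozen=True)
class OAuthCredentials:        # hypothetical shape of the stored instance credentials
    instance_id: str
    client_id: str
    client_secret: str

@dataclass(frozen=True)
class GateResult:
    proceed: bool
    message: Optional[str]     # shown to the user
    audit_reason: str          # server-side log only

def gate_execution(instance_id: str,
                   retrieve: Callable[[str], Optional[OAuthCredentials]],
                   verify: Callable[[OAuthCredentials, str], bool]) -> GateResult:
    """Run only after SSO authentication has succeeded. Fails closed."""
    def deny(reason: str) -> GateResult:
        return GateResult(False, FRIENDLY_MESSAGE, reason)
    try:
        creds = retrieve(instance_id)            # step 1: retrieve
    except Exception:
        return deny("retrieval_error")
    if creds is None:
        return deny("no_credentials")
    if creds.instance_id != instance_id:         # credentials bound to another instance
        return deny("instance_mismatch")
    try:
        verified = verify(creds, instance_id)    # step 2: validate against the instance
    except Exception:
        return deny("verifier_error")            # an outage must not let execution through
    if verified is not True:
        return deny("verification_failed")
    return GateResult(True, None, "verified")

# Constructed sample data and stand-in verifier (a real one would query the instance).
STORE = {
    "inst-001": OAuthCredentials("inst-001", "client-a", "good-secret"),
    "inst-002": OAuthCredentials("inst-001", "client-a", "good-secret"),  # wrong binding
    "inst-003": OAuthCredentials("inst-003", "client-c", "revoked-secret"),
}
def sample_verify(creds: OAuthCredentials, instance_id: str) -> bool:
    return creds.client_secret == "good-secret"
```

Calling gate_execution("inst-001", STORE.get, sample_verify) proceeds; every other path returns the same message to the user and a distinct audit_reason for the log.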
If you need any further guidance on the process, feel free to reach out to us.
Thank you!
Updated on: 26/09/2025