Incident Summary
On December 11, 2024, some clients experienced issues accessing our platform due to failures with Single Sign-On (SSO) logins. Specifically, customers with expired SAML certificates were unable to log in, as the new version of the SAML library used in our application introduced stricter validation for certificate expiration. This validation was not enforced in previous versions of the library.
Resolution
Upon identifying the root cause, we implemented the following steps to resolve the issue:
- Short-term fix: We manually adjusted the configuration in the SAML library to temporarily allow expired certificates, ensuring immediate restoration of SSO functionality for affected customers. Additionally, we reached out to some impacted customers and assisted them in updating their SSO certificates.
This fix restored normal operations while we worked on a long-term solution.
Next Steps for Improvement
To prevent similar incidents in the future, we are implementing the following measures:
- Automated Testing: New automated test cases will be added to validate SSO functionality for scenarios involving expired certificates.
- Certificate Updates: We will work with customers whose certificates have expired to obtain updated certificates.
- Validation Enforcement: Once updated certificates are in place, we will re-enable enforcement of certificate expiration validation to ensure compliance with security standards.