Hi guys,
It's time again to test our authentication fallback service which is used in case of prolong down time to Auth0. We want to perform authentication fire drill to test this service in production.
The major change since last time that this has now been enabled for asymmetric signing algorithm and we use our own AWS account to run our authentication fallback service.
Why?
To ensure that our fallback service always works as intended and to check for issues. Thus, we'll be prepared when Auth0 is down for real.
When?
Thursday 09 May 2019 at 21.00 - 21.30 GMT+7 Jakarta time.
How?
We'll simulate Auth0 is down and release our fallback service. Users who try to login during the time will be redirected to our Fallback Service for authentication.
You're welcome to test this yourself. This doc shows the PIC that will test the service https://docs.google.com/document/d/163Kt5-swgsxVU3VAm6GfKTSpGFr_BJUkp3srupJcumY/edit?usp=sharing.
Expected outcome?
User could login using fallback service and they could use the tools with their existing permissions / privilege.
User who doesn't have permission will have their login rejected.
Impact?
Users who haven't login by that time
You will be redirected to our fallback service for authentication. There, you will authenticate using our Traveloka Google credential.
Users who have login by that time
You should not notice any change. But, if your session expires during that time, you will be redirected to our fallback service for authentication.
Caveat
If you have never login to the tools until Thursday 09 May 8am at the latest, you won't be able to login when the fire drill is on ; sorry
:grin: