We continue making logging in to Happeo more secure (action required)
7 mins read
Wed, Sep 11, '24
Platform
Use cases
Solutions
Happeo for
Resources
Explore
Available now
Use Cases
Capabilities
Happeo For
Comparisons
Explore
Guides
7 mins read
Wed, Sep 11, '24
To further enhance Happeo’s security and simplify our codebase, we are changing the OAuth client ID used for the Google login. To ensure a smooth transition, some Happeo customers will need to take action. Please read more below.
To keep Happeo secure and our application verified by Google, we are continuing the rollout of using the new OAuth ID for Google Login. We started this rollout in the beginning of 2024 and we are now doing a final update to all the custom login pages to use the new OAuth ID. Once the rollout is complete, we will delete the old OAuth App.
This is a final reminder before our last rollout to customers using custom login pages.
Customers who have configured their Google Workspace to only allow a list of trusted applications to use Google API will need to add the new OAuth App to the trusted list of OAuth apps.
If you are affected, we request you add the new OAuth App to the trusted list in your Google Workspace by the 20th of September 2024.
Your Google Workspace (GW) admin must complete the steps below. If you aren't the GW admin in your organization, please reach out to your IT team to find the right person and instruct them to follow the steps below. Otherwise, your users may see an admin_policy_enforced error when trying to log into Happeo. You can also watch a video walkthrough here.
It may take a maximum of 24 hours for configuration to take effect.
After this change, a test login via app.happeo.com should be successful.
After the 30th of September you can remove the old OAuth App from the trusted list with the ID 138951613013-uqi3t23k2ktajekok62u75qk9umibrjf.apps.googleusercontent.com.
Caution: Removing the old OAuth App from the trusted list before our rollout will lead to login failure for your users.
If you have any questions or need support, please reach out to your Customer Success Manager. We are always happy to help.
We are implementing the change in order to improve the security posture of our login flow, as a part of our continuous security enhancement practice. After the update, we will no longer store security tokens in our database, which is a more secure practice. This method is already used by customers who have configured and applied a custom login page. Although the current set-up used by the rest of our customers hasn’t caused any security issues, moving to the new login flow is a natural step towards modern SaaS security.
The update will also simplify our codebase. This will enable us to both build new features and fix bugs faster due to the reduced complexity.
In this case, you need to check if you can access Happeo via app.happeo.com. If the login fails with an admin_policy_enforced error, then you are affected by this change. Please take action as described above.