Improving access and security for your projects

Gain greater control over authentication and mitigation with single sign-on

We trust that you are creating great applications. And we want to help you keep those applications secured. So we are introducing multiple changes to our infrastructure to improve the performance and security of our user management.

We plan to release those changes by April 29th, 2020. You can follow the maintenance window on Platform.sh StatusPage.

To get started, we have designed a more secure and user-friendly log-in application. Existing URLs will automatically redirect you to the new one, so there is no change to make on your existing login workflow.

We are also instituting strong customer authentication. Starting April 29th, Platform.sh will enforce the following password policy for new users and for existing users who choose to change their password:

• Passwords must be at least 10 characters in length and include one lower case letter, one upper case letter, one number, and one special character.
• Users can't reuse one of their eight previous passwords.

In addition, we are dropping support for the CLI password login. This has been deprecated for a while in favor of the browser login with platform login or API token login with platform auth:api-token-login.

We are also dropping support for logging in using a username. You will now be required to login with your email address if you are not using an external federated account (like Google, GitHub or Bitbucket).

Finally, we are enabling Single Sign-On (SSO), which allows an organization to use its own identity provider to authenticate their Platform.sh users. It will provide for greater mitigation controls, empowering you to deactivate users and deny project access to those without the proper user credentials.

SSO will be available to our Elite and Enterprise customers. Contact our sales team if you are interested in learning more about this topic.

So keep on creating great applications, and we’ll keep on keeping them safe.