EVE SSO Acceptance

EVE SSO Acceptance

This public mirror shows whether WarpIntel is ready to expose limited publicData EVE login after a controlled owner-pilot run. It publishes only aggregate criteria, evidence-field counts, public route labels, rollback labels, and safety checks. The protected evidence values, credentials, tokens, sessions, account payloads, and private EVE data stay out of this page.

Acceptance StateAcceptance Review

Public login remains hidden.

Acceptance Criteria9/12

0 criterion still blocks public login exposure.

Evidence Fields0/10

10 protected evidence field(s) still need the pilot result.

Owner DecisionKeep Gated

Keep Public Login Gated Until Evidence Recorded

Decision Checklist4/8

4 item(s) still need review.

Source Packets3/3

Protected packet bodies stay private; only public route labels are shown here.

Rollback5

Rollback labels stay visible before any public login exposure.

Public MirrorReady

No protected admin routes, secrets, tokens, cookies, or private account data are exposed.

ready

Controlled-login pilot gate ready

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/eve-sso-pilot-readiness
ready

First-login scope remains publicData only

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/permissions/preview?scopes=publicData&returnTo=/dashboard
ready

Production callback reviewed

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/eve-sso-readiness
ready

Runtime credential presence reviewed without exposing values

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/eve-sso-readiness
review

Owner pilot result recorded

The controlled owner-pilot result has not been recorded yet.

Public Evidence
/eve-sso-acceptance
review

Session cookie behavior reviewed

This criterion is staged, but public login should stay hidden pending review.

Public Evidence
/api/auth/eve/session?returnTo=/dashboard
ready

Token-health risk signals reviewed

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/eve-sso-launch
ready

Private EVE data stays excluded

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/data-rights
ready

Rollback path ready

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/eve-sso-test-plan
review

Public login feature flag reviewed

This criterion is staged, but public login should stay hidden pending review.

Public Evidence
/eve-sso-launch
ready

Tracker evidence row ready

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/releases
ready

Post-pilot live smoke ready

Public-safe acceptance evidence is present for this criterion.

Public Evidence
/api/health
required

Pilot timestamp

This evidence field still needs the controlled owner-pilot result.

required

Reviewer

This evidence field still needs the controlled owner-pilot result.

required

Tested return route

This evidence field still needs the controlled owner-pilot result.

required

Selected scope group

This evidence field still needs the controlled owner-pilot result.

required

CCP consent result

This evidence field still needs the controlled owner-pilot result.

required

Callback result

This evidence field still needs the controlled owner-pilot result.

required

Session status result

This evidence field still needs the controlled owner-pilot result.

required

Token-health result

This evidence field still needs the controlled owner-pilot result.

required

Rollback decision

This evidence field still needs the controlled owner-pilot result.

required

Tracker row URL or row number

This evidence field still needs the controlled owner-pilot result.

review

Pilot evidence fields complete

This decision check still needs protected owner-pilot evidence.

review

Pilot outcome passed

This decision check still needs protected owner-pilot evidence.

review

Owner public-login decision ready

This decision check still needs protected owner-pilot evidence.

review

Tracker row recorded

This decision check still needs protected owner-pilot evidence.

ready

First-login scope stays publicData only

This decision check is ready from public-safe evidence.

ready

Token-health review stays clean

This decision check is ready from public-safe evidence.

ready

Public login remains gated after review

Public login remains hidden until acceptance evidence is complete.

ready

Rollback and live-smoke path ready

This decision check is ready from public-safe evidence.

rollback

Disable the public EVE SSO feature flag

Public Route
/eve-sso-launch
rollback

Verify session status returns private no-store JSON

Public Route
/api/auth/eve/session?returnTo=/dashboard
rollback

Verify consent preview remains dry and publicData-only

Public Route
/api/auth/eve/consent-preview?scopes=publicData&returnTo=/dashboard
rollback

Rerun production live smoke

Public Route
/api/health
rollback

Record owner decision and rollback evidence

Public Route
/releases
safe

EVE SSO acceptance page

Shows aggregate owner-pilot acceptance readiness without protected evidence values.

Route
/eve-sso-acceptance
Safety
No OAuth, no private data
safe

EVE SSO acceptance JSON

Returns no-store aggregate counts and safety booleans only.

Route
/api/auth/eve/acceptance-readiness
Safety
No OAuth, no private data
safe

Pilot readiness mirror

Shows whether the controlled login pilot gate is ready.

Route
/eve-sso-pilot-readiness
Safety
No OAuth, no private data
safe

Pilot readiness JSON

Keeps protected packet details out of the public pilot readiness feed.

Route
/api/auth/eve/pilot-readiness
Safety
No OAuth, no private data
safe

publicData consent preview

Shows first-login permissions before any live OAuth redirect is exposed.

Route
/permissions/preview?scopes=publicData&returnTo=/dashboard
Safety
No OAuth, no private data
safe

publicData consent preview JSON

Returns dry-run consent text without starting an EVE login.

Route
/api/auth/eve/consent-preview?scopes=publicData&returnTo=/dashboard
Safety
No OAuth, no private data
safe

Session boundary

Keeps session state private and no-store for anonymous public checks.

Route
/api/auth/eve/session?returnTo=/dashboard
Safety
No OAuth, no private data
safe

Data rights

Keeps export, deletion, disconnect, and logout control expectations visible.

Route
/data-rights
Safety
No OAuth, no private data
safe

EVE SSO launch checklist

Shows public feature-flag and callback readiness without credential values.

Route
/eve-sso-launch
Safety
No OAuth, no private data
safe

Health JSON

Lets production smoke verify acceptance coverage and no-secret boundaries.

Route
/api/health
Safety
No OAuth, no private data

Public Boundary

Public EVE SSO acceptance exposes aggregate acceptance counts, evidence-field labels, owner-decision labels, rollback labels, public route labels, source-packet status labels, and proof target outcomes only. It does not expose owner evidence values, client credential values, EVE tokens, cookie values, session payloads, raw scopes, private EVE data, account payloads, provider credentials, raw logs, protected admin packet bodies, or separate-project account details, and it does not start OAuth, exchange tokens, mutate sessions, call EVE or CCP, read tokens, read private EVE data, write database rows, call providers, or run account-control actions.

Acceptance JSONPilot ReadinessEVE SSO ReadinessLaunch ChecklistTest PlanPermission Activation PlanData RightsReleasesHealth JSON