EVE SSO Launch
EVE SSO Launch Checklist
WarpIntel keeps public tools available without sign-in. The first live EVE login stays hidden until the production callback, publicData first-login scope, feature-specific consent previews, owner review, and live smoke checks are all ready.
EVE sign-in is feature-flagged off until the production callback is confirmed and a test sign-in succeeds.
https://warpintel.app/api/auth/eve/callback
Private feature scopes stay out of first sign-in.
Preview-only feature consent bundles are staged before OAuth starts.
0 required gate(s) still block public sign-in.
Callback, credentials, scope, smoke, and tracker evidence stay explicit.
Owner-run smoke evidence stays route-based and no-secret.
Wrong app, callback drift, or unexpected OAuth behavior has a defined stop path.
Only safe readiness labels and counts are public.
Production Callback Exact Match
EVE login cannot be exposed until the EVE Developer Portal callback exactly matches the public WarpIntel callback.
- Evidence: https://warpintel.app/api/auth/eve/callback
Runtime Credentials Present
The app only reports whether credentials are present; client ID and client secret values stay excluded.
- Evidence: runtime presence only
publicData First Login
First sign-in stays limited to public identity before feature-specific private ESI permissions are requested.
- Evidence: publicData
Feature Consent Previews
Each private-data feature has a preview path so users can review requested scopes before OAuth starts.
- Evidence: 8 preview-only feature consent plan(s)
Runtime Login Guard
When the production gate is not ready, the login route stays inside WarpIntel and stops before any OAuth state cookie is set or any redirect to CCP is issued.
- Evidence: OAuth blocked before state and provider redirect
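An added example, not WarpIntel's own code: one way the callback exact-match, credential-presence, publicData and runtime-guard gates above could be enforced in a Node.js login route, together with the state check behind the bad-state callback smoke route listed further down. The config shape, function names, cookie name and in-app redirect targets are assumptions; the authorize URL is the EVE SSO v2 endpoint.

```javascript
const crypto = require("node:crypto");

// Callback as published on this page; config shape and names below are assumed.
const EXPECTED_CALLBACK = "https://warpintel.app/api/auth/eve/callback";
const AUTHORIZE_URL = "https://login.eveonline.com/v2/oauth/authorize";

// Accept only same-site relative paths as returnTo targets.
function safeReturnTo(value) {
  const ok = typeof value === "string" && /^\/(?![\/\\])/.test(value) &&
    !/[\u0000-\u001f]/.test(value);
  return ok ? value : "/";
}

// Public-safe gate: booleans only, never the credential values themselves.
function evaluateGate(cfg) {
  const scopes = cfg.firstLoginScopes || [];
  const gates = {
    callbackExactMatch: cfg.callbackUrl === EXPECTED_CALLBACK, // no prefix match
    credentialsPresent: Boolean(cfg.clientId && cfg.clientSecret),
    publicDataOnly: scopes.length === 1 && scopes[0] === "publicData",
    featureFlagEnabled: cfg.featureFlag === true,
  };
  return { ready: Object.values(gates).every(Boolean), gates };
}

// Login route: a closed gate answers before any state cookie or provider redirect.
function handleLogin(cfg, returnTo) {
  const target = safeReturnTo(returnTo);
  if (!evaluateGate(cfg).ready) {
    const preview = new URLSearchParams({ scopes: "publicData", returnTo: target });
    return { status: 302, location: `/permissions/preview?${preview}`, setCookie: null };
  }
  const state = crypto.randomBytes(32).toString("base64url");
  const query = new URLSearchParams({
    response_type: "code", redirect_uri: EXPECTED_CALLBACK,
    client_id: cfg.clientId, scope: "publicData", state,
  });
  const cookie = `eve_oauth_state=${state}; HttpOnly; Secure; SameSite=Lax; Path=/api/auth/eve; Max-Age=600`;
  return { status: 302, location: `${AUTHORIZE_URL}?${query}`, setCookie: cookie, returnTo: target };
}

// Callback route: constant-time state comparison; a mismatch never reaches token exchange.
function handleCallback(cookieState, queryState) {
  const a = Buffer.from(String(cookieState ?? ""));
  const b = Buffer.from(String(queryState ?? ""));
  const ok = a.length > 0 && a.length === b.length && crypto.timingSafeEqual(a, b);
  return ok ? { exchangeToken: true } : { exchangeToken: false, status: 302, location: "/" };
}
```

A callback value that differs by as little as a trailing slash closes the gate, so the login route returns an in-app redirect with no state cookie.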
Protected Review Packets
Protected admin packets cover setup and dry-run review without returning credentials, tokens, account data, or private EVE data.
- Evidence: /api/admin/eve/setup-packet and /api/admin/eve/dry-run
Live Smoke Routes
Production smoke covers the safe EVE auth boundary routes, including state failure, without exchanging tokens.
- Evidence: /api/health, /api/auth/eve/readiness, session, login gate, consent preview, callback state failure
EVE SSO readiness JSON
Public no-secret readiness feed returns the current launch gate.
- Route: /api/auth/eve/readiness
Session preview
Signed-out session preview returns safe app-local state only.
- Route: /api/auth/eve/session?returnTo=/dashboard
Login gate
Login remains inside WarpIntel until callback, credentials, publicData, and feature flag are ready.
- Route: /api/auth/eve/login?returnTo=/dashboard
publicData consent preview
First-login publicData consent can be reviewed before OAuth starts.
- Route: /api/auth/eve/consent-preview?scopes=publicData&returnTo=/dashboard
Permission preview page
User-facing permission preview renders the first-login scope safely.
- Route: /permissions/preview?scopes=publicData&returnTo=/dashboard
Bad-state callback smoke
Callback state failure redirects safely without token exchange.
- Route: /api/auth/eve/callback?code=smoke&state=bad
Logout control
Logout clears app-local auth state and returns through a safe redirect.
- Route: /api/auth/eve/logout
Disconnect control
Disconnect stays safe when unauthenticated and does not expose token state.
- Route: /api/auth/eve/disconnect
Account export guard
Account export is protected and returns unauthorized when signed out.
- Route: /api/account/export
Account delete guard
Account deletion is protected and redirects safely when signed out.
- Route: /api/account/delete
WarpIntel Account Boundary Review
Confirm the EVE Developer application, callback, and credentials belong to WarpIntel only and no separate-project account is used.
- Evidence: EVE Developer Portal application review
Callback And Domain Review
Confirm the production callback exactly matches https://warpintel.app/api/auth/eve/callback before OAuth can start.
- Evidence: protected setup packet
Credential Storage Review
Confirm client credentials are stored only in protected project systems and are never copied into chat, logs, docs, screenshots, or public pages.
- Evidence: protected credentials and environment review
First Login Scope Review
Confirm first sign-in asks only for publicData and private feature scopes remain user-consent gated until the feature needs them.
- Evidence: consent preview
Controlled Login Smoke Review
Run one controlled production publicData sign-in test after the feature flag is enabled and verify public health stays no-secret.
- Evidence: production live sign-in test notes
Tracker Record
Record only secret-free commit, deployment, callback, scope, and smoke outcomes in the WarpIntel tracker.
- Evidence: project tracker
Wrong EVE App Or Account
Wrong account or application state stops activation before users can start OAuth.
- Safe Action: Stop activation, keep EVE login hidden, rotate or remove the mismatched runtime values, and restage the WarpIntel-only app before retrying.
Callback Or Scope Drift
Callback or first-login scope drift rolls the lane back to preview-only consent review.
- Safe Action: Disable the EVE SSO feature flag, keep consent previews public-only, and correct the callback or scope approval before another test.
Unexpected OAuth Or Private Data Exposure
Unexpected OAuth, token, or private-data exposure returns EVE SSO to the locked public readiness state.
- Safe Action: Disable login, clear runtime EVE credentials if needed, verify no-store public health and live smoke, and review logs without publishing sensitive values.
Public Boundary
Public EVE gate health exposes status booleans, safe counts, permission-group coverage counts, preview-only feature consent metadata, activation criteria, owner-handoff counts, owner proof-target counts, rollback decision counts, the expected callback, and runtime login guard state only; it never exposes client IDs, client secrets, EVE tokens, account data, or private EVE data.
Review the full readiness view at EVE SSO Readiness, the user-facing permission model at Permissions, or the machine-readable status at EVE SSO JSON.
