EVE SSO Pilot

EVE SSO Pilot Readiness

This public mirror shows whether WarpIntel is ready for the first controlled EVE login test. It uses only public-safe counts, public route labels, proof outcomes, and no-secret safety checks. The actual owner packets, credentials, tokens, sessions, account payloads, provider setup, and private EVE data stay outside this page.

Pilot StatePilot Review

Ready for controlled login.

Pilot Gates8/10

0 gate(s) block the first controlled login test.

Runbook4/6

2 step(s) still need review before execution.

Proof Targets10

Every target is listed as no OAuth and no private data from this public view.

Account Gates5/8

0 account launch gate(s) still block the pilot.

Feature Consent8

Feature-specific consent plans stay preview-only until a user asks for that feature.

Live Smoke19

Route, rollback, and account-control checks remain part of the pilot gate.

Public MirrorReady

No protected admin routes, secrets, tokens, cookies, or private account data are exposed.

ready

Account launch packet ready

Public-safe evidence is present for this pilot gate.

Public Evidence: /eve-sso-launch

ready

Launch gate owner review safe

Public-safe evidence is present for this pilot gate.

Public Evidence: /eve-sso-launch

review

Auth flow handoff

Public-safe evidence exists, but controlled-login approval still needs review.

Public Evidence: /eve-sso-readiness

review

Feature flag owner switch

Public-safe evidence exists, but controlled-login approval still needs review.

Public Evidence: /eve-sso-launch

ready

publicData first-login scope

Public-safe evidence is present for this pilot gate.

Public Evidence: /permissions/preview?scopes=publicData&returnTo=/dashboard

ready

Callback and credential presence

Public-safe evidence is present for this pilot gate.

Public Evidence: /eve-sso-readiness

ready

Proof targets ready

Public-safe evidence is present for this pilot gate.

Public Evidence: /api/auth/eve/readiness

ready

Rollback decision points ready

Public-safe evidence is present for this pilot gate.

Public Evidence: /eve-sso-test-plan

ready

Live-smoke checklist ready

Public-safe evidence is present for this pilot gate.

Public Evidence: /status

ready

Account data-rights controls ready

Public-safe evidence is present for this pilot gate.

Public Evidence: /data-rights

ready

Review protected packets

This runbook step can be reviewed from public-safe evidence.

Public Route: /eve-sso-launch

ready

Confirm publicData preview

This runbook step can be reviewed from public-safe evidence.

Public Route: /permissions/preview?scopes=publicData&returnTo=/dashboard

review

Enable the feature flag only for the controlled run

This runbook step is staged but should not be executed until owner approval.

Public Route: /eve-sso-launch

review

Run one publicData login test

Run only after callback, credentials, feature flag, and owner review are ready.

Public Route: /api/auth/eve/login?returnTo=/dashboard

ready

Verify logout, disconnect, export, and delete guards

This runbook step can be reviewed from public-safe evidence.

Public Route: /data-rights

ready

Run production live smoke and record tracker evidence

This runbook step can be reviewed from public-safe evidence.

Public Route: /api/health

preflight

EVE SSO readiness JSON

Returns public-safe setup counts and keeps live sign-in locked until required gates pass.

Route: /api/auth/eve/readiness
Safety: No OAuth, no private data

preflight

Session status guard

Returns a private no-store session boundary without exposing account payloads.

Route: /api/auth/eve/session?returnTo=/dashboard
Safety: No OAuth, no private data

controlled pilot

Login gate check

Stays locked until the feature flag, callback, and runtime credentials are approved.

Route: /api/auth/eve/login?returnTo=/dashboard
Safety: No OAuth, no private data

preflight

First consent preview JSON

Shows the first-login consent preview without redirecting to CCP.

Route: /api/auth/eve/consent-preview?scopes=publicData&returnTo=/dashboard
Safety: No OAuth, no private data

preflight

First consent preview page

Shows the user-facing first-login permission text before OAuth is available.

Route: /permissions/preview?scopes=publicData&returnTo=/dashboard
Safety: No OAuth, no private data

preflight

Callback state-failure guard

Rejects bad state proof without token exchange or private account reads.

Route: /api/auth/eve/callback?code=smoke&state=bad
Safety: No OAuth, no private data

account controls

Logout control

Responds through the protected account-control guard without exposing session values.

Route: /api/auth/eve/logout
Safety: No OAuth, no private data

account controls

Disconnect control

Keeps disconnect behind the protected account-control guard.

Route: /api/auth/eve/disconnect
Safety: No OAuth, no private data

account controls

Account export guard

Keeps account export private and unavailable to anonymous public traffic.

Route: /api/account/export
Safety: No OAuth, no private data

account controls

Account delete guard

Keeps destructive account actions gated and unavailable to anonymous public traffic.

Route: /api/account/delete
Safety: No OAuth, no private data

Public Boundary

Public EVE SSO pilot readiness exposes aggregate gate counts, public route labels, no-secret runbook labels, account-control guard labels, and proof target outcomes only. It does not expose client credential values, EVE tokens, cookie values, session payloads, private EVE data, account payloads, provider credentials, raw logs, protected admin packet bodies, or separate-project account details, and it does not start OAuth, exchange tokens, mutate sessions, call EVE or CCP, write database rows, run account export, run account delete, disconnect an account, or log a user out.

Pilot Readiness JSON EVE SSO Readiness Launch Checklist Test Plan Permission Activation Plan Data Rights Status Health JSON