EVE SSO Readiness

The login route can pass the callback gate after the other feature, credential, and scope checks are ready.

Before State Cookie

Blocked on mismatch

Before CCP Redirect

Blocked on mismatch

EVE login cannot be exposed until the EVE Developer Portal callback exactly matches the public WarpIntel callback.

Evidence

https://warpintel.app/api/auth/eve/callback

The app only reports whether credentials are present; client ID and client secret values stay excluded.

Evidence

runtime presence only

First sign-in stays limited to public identity before feature-specific private ESI permissions are requested.

Evidence

publicData

Each private-data feature has a preview path so users can review requested scopes before OAuth starts.

Evidence

8 preview-only feature consent plan(s)

The login route stays inside WarpIntel before OAuth state cookies or CCP redirects when the production gate is not ready.

Evidence

OAuth blocked before state and provider redirect

Protected admin packets cover setup and dry-run review without returning credentials, tokens, account data, or private EVE data.

Evidence

/api/admin/eve/setup-packet and /api/admin/eve/dry-run

Production smoke covers the safe EVE auth boundary routes, including state failure, without exchanging tokens.

Evidence

/api/health, /api/auth/eve/readiness, session, login gate, consent preview, callback state failure

Confirm the EVE Developer application, callback, and credentials belong to WarpIntel only and no separate-project account is used.

Owner

project-owner

Evidence

EVE Developer Portal application review

Confirm the production callback exactly matches https://warpintel.app/api/auth/eve/callback before OAuth can start.

Owner

operator

Evidence

protected setup packet

Confirm client credentials are stored only in protected project systems and are never copied into chat, logs, docs, screenshots, or public pages.

Owner

operator

Evidence

protected credentials and environment review

Confirm first sign-in asks only for publicData and private feature scopes remain user-consent gated until the feature needs them.

Owner

project-owner

Evidence

consent preview

Run one controlled production publicData sign-in test after the feature flag is enabled and verify public health stays no-secret.

Owner

build-team

Evidence

production live sign-in test notes

Record only secret-free commit, deployment, callback, scope, and smoke outcomes in the WarpIntel tracker.

Owner

operator

Evidence

project tracker

Wrong account or application state stops activation before users can start OAuth.

Callback or first-login scope drift rolls the lane back to preview-only consent review.

Unexpected OAuth, token, or private-data exposure returns EVE SSO to the locked public readiness state.

Public sign-in is hidden until the production callback is confirmed.

9 of 10 permission groups are fully allowed in the runtime scope list.

Public Identity: 1/1 scope(s) allowed.

Contacts And Standings: 5/5 scope(s) allowed.

Skills And Fit Readiness: 5/5 scope(s) allowed.

Character Audit Profile: 9/9 scope(s) allowed.

Personal Market And Industry: 8/8 scope(s) allowed.

Planetary Industry Colonies: 1/1 scope(s) allowed.

Fleet And SRP Context: 5/5 scope(s) allowed.

Corporation Operations: 15/15 scope(s) allowed.

Corporation Governance: 6/6 scope(s) allowed.

Optional Write Or Client Actions: 2/8 scope(s) allowed; 6 still gated.

/dashboard: 1 scope(s).

/fit-lab: 5 scope(s).

/character-audit: 22 scope(s).

/market: 8 scope(s).

/pi: 1 scope(s).

/srp: 5 scope(s).

/corp-audit: 21 scope(s).

/fleets: 13 scope(s); 8 high-trust; 8 write/action.