Time: May 16, 2023, 10:38 p.m.

Status: Postmortem

Update: We apologize for any inconvenience experienced during this incident, and we treat such disruptions seriously. Below is a summary of the issue, a root cause, and what we are doing to improve service going forward. ‌ Incident Description A TLS certificate that is used on an endpoint for SA IdP dashboard metric data collection expired on May 9. This meant HTTPS connections to this endpoint failed and caused SA IdP dashboard metric data to become outdated, degrading service for part of the administrative console. After some customers reported an issue with outdated metrics, the SecureAuth team investigated and fixed the issue by renewing the TLS certificate. The new certificate was in place by 6:10 PM on May 12. Data was refreshed around 1:30 AM on May 13, allowing the normal metric refresh period to run its course. Root Cause The DevOps team recently replaced several expiring certificates, and this one was missed due to a monitoring gap. Corrective Actions The DevOps team is following up by ensuring the TLS certificate monitoring gap is addressed and by reviewing additional monitoring requirements for the endpoint in question. Note: All times/dates are UTC.

Time: May 13, 2023, 2:15 a.m.

Status: Resolved

Update: Dashboards are again populating with data - if you continue to have issues, please contact [email protected]

Time: May 12, 2023, 6:28 p.m.

Status: Monitoring

Update: A fix has been implemented and we are monitoring the results.

Time: May 12, 2023, 6:28 p.m.

Status: Identified

Update: The issue was an expired certificate within the backend services. The certificate has been updated and the job to update the dashboards will run later this afternoon to update the dashboards. Dashboards should be updated at roughly 1900 PST.

Time: May 12, 2023, 5:32 p.m.

Status: Investigating

Update: The Dashboard data for the SA IdP is not updating for login information. This is not impacting any SA IdP services or logins, only the reporting mechanism.

Time: May 16, 2023, 10:38 p.m.

Status: Postmortem

Update: We apologize for any inconvenience experienced during this incident, and we treat such disruptions seriously. Below is a summary of the issue, a root cause, and what we are doing to improve service going forward. ‌ Incident Description A TLS certificate that is used on an endpoint for SA IdP dashboard metric data collection expired on May 9. This meant HTTPS connections to this endpoint failed and caused SA IdP dashboard metric data to become outdated, degrading service for part of the administrative console. After some customers reported an issue with outdated metrics, the SecureAuth team investigated and fixed the issue by renewing the TLS certificate. The new certificate was in place by 6:10 PM on May 12. Data was refreshed around 1:30 AM on May 13, allowing the normal metric refresh period to run its course. Root Cause The DevOps team recently replaced several expiring certificates, and this one was missed due to a monitoring gap. Corrective Actions The DevOps team is following up by ensuring the TLS certificate monitoring gap is addressed and by reviewing additional monitoring requirements for the endpoint in question. Note: All times/dates are UTC.

Time: May 13, 2023, 2:15 a.m.

Status: Resolved

Update: Dashboards are again populating with data - if you continue to have issues, please contact [email protected]

Time: May 12, 2023, 6:28 p.m.

Status: Monitoring

Update: A fix has been implemented and we are monitoring the results.

Time: May 12, 2023, 6:28 p.m.

Status: Identified

Update: The issue was an expired certificate within the backend services. The certificate has been updated and the job to update the dashboards will run later this afternoon to update the dashboards. Dashboards should be updated at roughly 1900 PST.

Time: May 12, 2023, 5:32 p.m.

Status: Investigating

Update: The Dashboard data for the SA IdP is not updating for login information. This is not impacting any SA IdP services or logins, only the reporting mechanism.

Time: April 28, 2023, 9:26 p.m.

Status: Postmortem

Update: # Incident Description At 4/28/2023 3:15 AM UTC, the DevOps team did a planned, minor update to traffic management appliances during a maintenance window. While no downtime was expected and all configurations were tested in lower environments, the new update in production did not respect TLS cipher suite configuration as expected. This created a TLS negotiation issue between the SA IdP appliances and the traffic management appliances, blocking some logins from occurring. Unfortunately, the post-change test suite did not detect the issue. After hearing about difficulties from some customer reports and first-hand observations, the DevOps team identified the issue and rolled back the change to restore service at 4:15 AM UTC \(4/28/23\). # Root Cause An update to the update to traffic management appliances did not obey a declarative configuration for TLS cipher suites. This caused a TLS negotiation failure between SA IdP appliances and the traffic management appliances, blocking some logins. # Corrective Actions We apologize for any inconvenience caused during this disruption in service. The SecureAuth team will pause any further changes to the traffic management appliances until we have sorted out the associated configuration issue \(which we plan to solve in the next few weeks\). In addition, any future updates done to these appliances will be done during a planned maintenance window where we notify customers that there may be downtime expected \(regardless of such risk\). Finally, we will review our post-change test plan to evaluate adding tests that would discover such trouble points in the future.

Time: April 28, 2023, 5:07 a.m.

Status: Resolved

Update: We have found the issue and have made the proper steps to restore service for affected for SaaS-IdP tenants. Further details will be provided in an RCA once the operations team concludes the issue investigation.

Time: April 28, 2023, 5:06 a.m.

Status: Identified

Update: We are experiencing technical difficulties during our maintenance window with all SaaS-IdP connections.

Time: April 28, 2023, 9:26 p.m.

Status: Postmortem

Update: # Incident Description At 4/28/2023 3:15 AM UTC, the DevOps team did a planned, minor update to traffic management appliances during a maintenance window. While no downtime was expected and all configurations were tested in lower environments, the new update in production did not respect TLS cipher suite configuration as expected. This created a TLS negotiation issue between the SA IdP appliances and the traffic management appliances, blocking some logins from occurring. Unfortunately, the post-change test suite did not detect the issue. After hearing about difficulties from some customer reports and first-hand observations, the DevOps team identified the issue and rolled back the change to restore service at 4:15 AM UTC \(4/28/23\). # Root Cause An update to the update to traffic management appliances did not obey a declarative configuration for TLS cipher suites. This caused a TLS negotiation failure between SA IdP appliances and the traffic management appliances, blocking some logins. # Corrective Actions We apologize for any inconvenience caused during this disruption in service. The SecureAuth team will pause any further changes to the traffic management appliances until we have sorted out the associated configuration issue \(which we plan to solve in the next few weeks\). In addition, any future updates done to these appliances will be done during a planned maintenance window where we notify customers that there may be downtime expected \(regardless of such risk\). Finally, we will review our post-change test plan to evaluate adding tests that would discover such trouble points in the future.

Time: April 28, 2023, 5:07 a.m.

Status: Resolved

Update: We have found the issue and have made the proper steps to restore service for affected for SaaS-IdP tenants. Further details will be provided in an RCA once the operations team concludes the issue investigation.

Time: April 28, 2023, 5:06 a.m.

Status: Identified

Update: We are experiencing technical difficulties during our maintenance window with all SaaS-IdP connections.

Time: April 20, 2023, 3:54 a.m.

Status: Postmortem

Update: # Incident Description A routine database automatic scaling operation failed around 9:30 AM ET on 4/19/2023. This caused the database cluster to become unresponsive and fail to accept connections. While data integrity was unaffected, data availability was compromised. The SecureAuth team worked to restore service and forced the scaling operation to finish. Once the scaling operation finished, the database cluster once again was accepting connections and service was restored around 12:30 PM ET on 4/19/2023. # Root Cause It appears that the automatic scaling operation failed to complete due to an issue with the database platform in general. One cluster node was marked unhealthy by the scaling algorithm incorrectly, and this prevented the rest of the cluster nodes from scaling properly. The database cluster began rejecting connections soon thereafter. # Corrective Actions Typically such automatic scaling operations are seamless and without incident. However, given the conditions for auto-scale failure on 4/19/2023, we acknowledge there is still risk with such activity. The SecureAuth team is following up with a database platform vendor for more information regarding the scaling operation failure. In the meantime, any auto-scale operations for this database cluster have been suspended, and the SecureAuth team will monitor capacity and do any scaling activity for this database cluster during planned maintenance windows. Finally, the SecureAuth team is confirming vendor best practices are being followed for any/all connections to this database cluster and will make adjustments as needed. Note: times are Eastern time zone.

Time: April 19, 2023, 5:39 p.m.

Status: Resolved

Update: All customers should have returned to normal. Please contact SecureAuth Support ([email protected]) if you are still having issues.

Time: April 19, 2023, 4:42 p.m.

Status: Monitoring

Update: Services have been restored and we will continue to monitor the situation to ensure no further issues.

Time: April 19, 2023, 4:23 p.m.

Status: Identified

Update: Updated estimated resolution time 1:00pm Eastern Time. Continuing to recover the underlying database infrastructure components.

Time: April 19, 2023, 3:41 p.m.

Status: Identified

Update: Identified an issue with the underlying database infrastructure which should be resolved by 12:15pm Eastern Time (9:15am Pacific/16:15 UTC).

Time: April 19, 2023, 2:48 p.m.

Status: Investigating

Update: The SecureAuth Authentication services have been impacted by a issue within the backend services - we are working with the appropriate teams and third-parties to isolate and resolve.