re-authentication problem
This is about the constant re-auth requests when using Personal/Business Hub. I think with the 2024 or 2025 versions, you introduced a new way to authenticate against this data source where a browser window pops up. It is quite a bother since then, I opened tickets and you told me, that it is here to stay but can I ask again to overthing the conept? I understand security is important, but there must be a better way to do this.
Every network change (very common when working in the field on a notebook and troubleshooting network issues) brings up the pop up, takes away 10-15 seconds and people are loosing focus.
When working in the office, everytime the PC goes to sleep and re-awakens, the damn pop up comes up again.
We don't see any such behaviour in other apps..
All Comments (6)
Hi @perler,
We're currently investigating this issue where network changes are causing token invalidation. For now, you can set your datasource to use an embedded browser instead which should reduce focus loss. You can enable it by going to your datasource settings -> Advanced -> Authentication browser mode -> Embedded.
Cheers,
Luc Fauvel
Thanks for investigating, but I am under the impression that you are just investigating the symptoms and not the source of the problem.
My question is: why are we re-authenticating at all? Take as an example Bitwarden browser extensions. You authenticate with whatever authentication method you have enabled once, and, if you choose so, when the browser restarts, this is fair. The idea is that you prove that you are allowed to access the secrets store, and once you have done so, you yourself are responsible to secure the access to your device. So you put a security measure in front of your login as every sane person is doing, and your secrets within Devolutions Business Hub are still secure, no need to reauth.
You shouldn't have to re-authenticate. We use OAuth with 5 minute access tokens and 30 day refresh tokens. You shouldn't have to re-authenticate unless you've been inactive for 30 days. Currently there is an issue in RDM where tokens are being discarded prematurely and that is what we're investigating.
Luc Fauvel
ah, ok, but I see the described behaviour since I switched to Devolution * Hub one or two years ago. The sequence is:
- RDM starts
- Auth against Hub (pop up window external/internal browser)
- "disconnect" event (network change/sleep/logoff)
- go to 2 but credentials are stored.
Step 4 is the annoying step. My problem is not, that I need to re-enter credentials (I don't) but that a browser window pops up which I then are allowed to close, so what is the point? When the browser pops up all kinds of windows resize, menus get grey/black, logins not working things happen until reauth is finnished and this is the part that needs to be reworked IMO.
Are you saying that step 4 will be gone when you fix it?
Yes, you can already alleviate step 4 with the Authentication Browser Mode setting I mentioned before and yes when the issue will be resolved, you shouldn't get any browser prompt unless you've been inactive for 30 days.
Luc Fauvel
no, I have this setting for ages, never did anything but popping up an embedded browser instead of an external but thanks, if you fix this once and for all I am happy :)