Auth Process
On Stage we guard the entire application with an authentication process.
The authentication process is as follows:
flowchart TD
A[Request] --> B{"IsSSoRequest | GlobalComponentsRequest"}
B -->|yes| C[pass]
B -->|no| D[hasAuthHeader]
D -->|no| E[hasAuthCookie]
D -->|yes| C
E -->|no| F[AuthProcess]
E -->|yes| C
Calls to some SSO endpoints are allowed without authentication, but only under
narrow conditions; see the function isByPassRequest.
For automated tests, the x-stage-authorization header can be set with a valid
token to bypass the authentication process. All other requests are required to
have a Cookie header. This cookie can be obtained through the
Authentication Provider (currently Cognito, will be replaced with Okta).
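
The decision order from the flowchart, as an added sketch (not Stage's own code). The routes, cookie name, the `gate` and `verifySession` names and the token comparison are assumptions; it also treats the header and cookie as passing only when they validate, not merely when present.

```javascript
// Constructed values: the page names none of these routes, cookies or tokens.
const BYPASS_ROUTES = new Set(['GET /sso/login', 'POST /sso/callback']);
const GLOBAL_COMPONENTS_PREFIX = '/global-components/';
const AUTH_COOKIE = 'stage_session';

// Compare without returning early on the first mismatching character.
function safeEqual(given, expected) {
  if (!expected) return false; // an unset test token disables the header path
  let diff = given.length ^ expected.length;
  for (let i = 0; i < given.length; i++) {
    diff |= given.charCodeAt(i) ^ expected.charCodeAt(i % expected.length);
  }
  return diff === 0;
}

// Extract one cookie value from a raw Cookie header, or null if absent.
function readCookie(header, name) {
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq > 0 && part.slice(0, eq).trim() === name) return part.slice(eq + 1).trim();
  }
  return null;
}

// Returns 'pass' or 'auth' (start the AuthProcess), in the flowchart's order.
function gate(req, { testToken, verifySession }) {
  let path;
  try {
    // Normalise first so "/global-components/../x" cannot satisfy the prefix rule.
    path = new URL(req.url, 'http://stage.invalid').pathname;
  } catch {
    return 'auth';
  }
  // Narrow bypass: exact method and path, not a substring match.
  if (BYPASS_ROUTES.has(`${req.method} ${path}`)) return 'pass';
  if (path.startsWith(GLOBAL_COMPONENTS_PREFIX)) return 'pass';

  // Test-automation header: only a matching token passes; anything else falls through.
  const header = req.headers['x-stage-authorization'];
  if (typeof header === 'string' && safeEqual(header, testToken)) return 'pass';

  // Session cookie: validated by the caller-supplied (hypothetical) verifier.
  const session = readCookie(req.headers.cookie, AUTH_COOKIE);
  if (session !== null && verifySession(session)) return 'pass';
  return 'auth';
}
```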