StrongDM incident

SAML-based authentications were failing.

Major Resolved View vendor source →

StrongDM experienced a major incident on March 13, 2024, lasting —. The incident has been resolved; the full update timeline is below.

Started
Mar 13, 2024, 02:57 PM UTC
Resolved
Mar 12, 2024, 10:00 PM UTC
Duration
Detected by Pingoru
Mar 13, 2024, 02:57 PM UTC

Update timeline

  1. resolved Mar 13, 2024, 02:57 PM UTC

    March 12, 22:09 UTC: SDM revoked a set of older encryption keys. March 13, 00:14 UTC: A signing certificate used to verify SAML-based authentications fell out of cache and was re-retrieved and re-decrypted, but this decryption failed as it was encrypted using revoked keys. March 13, 10:12 UTC: SDM was alerted to failures authenticating via SAML, affecting SSO logins. This also affected access to Snowsight resources, which use SAML for authentication. March 13, 11:24 UTC: Issue was escalated and began restoring the relevant revoked keys. March 13, 12:07 UTC: Revoked keys were restored. Issue resolved.