AppDev
Application development
Articles
Architecture
- Identity Verification FlowPolicy
  FlowPolicy is a lightweight structure used to manage dependencies between Identity Verification steps
- Identity Verification Rate Limiting
  Rate limits in identity verification
Deploying
- Acuant SDK Test Plan
  Pre-deploy manual test plan for the Acuant SDK
- Deploy Schedule for Automated Deploys
  The daily deploy schedule for IdP, PKI and Dashboard in lower environments
- Deploying new IdP and PKI code
  Release Manager’s Guide for Production
- Deploying the Sample Apps
  How to deploy oidc-sinatra and saml-sinatra to cloud.gov
Development
- A/B Testing Process
  Basic documentation on how Login.gov does A/B testing
- Feature flags
  Purpose and lifecycle of a feature flag, used when developing large new features.
- How to Manage the 50/50 State
  During deploys, both new and old instances are serving requests. This is called the 50/50 state and requires careful management when changing code that is used across instances.
- Identity Proofing Testing
  Tips and tricks for testing identity verification (“proofing”)
- SAML: Development
  High-level overview of the flow of SAML in the IdP code
- Secrets and Configuration
  How to update IdP and Rails app configuration (feature flags) and secrets application.yml, and how to use the app-s3-secret script
- Testing vendor APIs with live credentials
  Best practices for testing with sensitive keys
Oncall
- AppDev Oncall
  Responsibilities and runbook for AppDev oncall
- Bug Bounty Triage
  How to handle bug bounty reports
- Deployer Rotation
  Spreadsheet to track the AppDev Deployer
- Team Daytime Oncall
  Responsibilities for individual team daytime oncall
Setup
- Windows Virtual Machine Setup
  Setting up a Windows VM on your Mac so you can test Internet Explorer
Tasks
- Contact Form Updating Instructions
  Procedure for updating fields in the Help Center’s Contact Form
- Key rotation guide
  Guide for rotating secrets for the IdP and PKI codebases
- SAML: Annual Certificate Rotation
  How to perform annual certificate rotation
- Translation process
  Process and guidelines for localization and string translation (i18n)
- Updating MaxMind GeoIP database
  Instructions for updating our IP address geolocation database
- Updating Pwned Passwords Dataset
  Instructions for updating the Pwned Passwords dataset in S3
X509 and PIV/CAC Certificates
- OpenSSL Command Line Recipes
  Commands for common certificate tasks, useful for PIV/CAC or AAMVA credentials
- Troubleshooting PIV/CAC logins and Managing Certificates
  What to do if somebody has trouble using their PIV/CAC with Login.gov, and how to download new certificates from Certificate Authorities
- Troubleshooting expiring PIV/CAC certs
  Guide on finding new certs if a cert is expiring
Other Articles
- Device profiling and fraud detection
  Information about configuring and testing device profiling and fraud detection
- Environment Descriptions
  Listing of environments and the differences between them, like prod, pt, dm, int or dev
- IAL2 Common Errors List
  List of the most common IAL2 errors
- Triage User Issues
  Rails console scripts and CloudWatch queries, for debugging the IdP
- Troubleshooting the Sandbox
  Troubleshooting issues with the Login.gov sandbox/int environment