We’ve reinforced the SSO authentication flow across all identity providers used on HERAW. Following a security issue identified on Microsoft’s side, we’ve updated our authentication process to add an email verification step for all SSO logins — including Microsoft, Google, Okta, and others.

This additional verification ensures that the email address passed via the SSO provider is indeed valid and belongs to the person trying to access HERAW. Users will now receive an email asking them to confirm their identity upon first connection.

This improvement brings higher security, stronger trust, and consistent protection across all your teams, regardless of the authentication method used.