Skip to content
Scalekit Docs

Production launch checklist

As you prepare to deploy your Scalekit integration to production, it’s crucial to verify that all configurations are optimized for security and user experience.

The following checklists help ensure your implementation is production-ready and efficient.

As you get ready to deploy your Single Sign-On (SSO) implementation to production, it’s important to double-check that everything is properly configured for optimal security and a seamless user experience. The checklist below outlines recommended steps to ensure your SSO integration is robust, efficient, and maintainable in a live environment.

  1. Use appropriate environment variables

    Switch from development to production credentials, including the client ID, client secret, and environment URL.

  2. Secure the client secret

    Your client secret is akin to a key to your application. Secure it with the utmost care. Go through our best practices guide to learn how to manage the client secrets safely and securely.

  3. Verify redirect URI configuration

    Double-check your redirect URI settings in the production environment to ensure they point to the correct endpoints. For guidelines on valid configurations, visit our Redirect URI configuration guide.

  4. Test the single sign-on flows

    Ensure that you have implemented and tested all possible single sign-on workflows between your application and your customer’s identity providers. Go through our how-to guide to understand all the SSO scenarios and how to validate them for production readiness. Especially, ensure you have validated for the following important business cases:

    • SP initiated SSO
    • IdP initiated SSO
    • Errors during SSO flow
  5. Finalize branding & theming

    For a consistent and professional user experience, confirm your branding (logos, accent colors, etc) is applied to the Admin Portal.

  6. Review Admin Portal URL

    Customize the Admin Portal URL to match your domain (for example, https://sso.b2b-app.com) for a seamless brand experience. Also, remember to update .env file post-CNAME configuration.

  7. Graceful error handling

    Test your integration thoroughly across all possible edge cases, including incomplete, invalid, or duplicate data submissions.