Skip to main content
LandTelemetry Feature Gated  CC0 Licensed Auth0 + OAuth 2.0 OIDC / SAML / Okta Planned  PlayForm

CodeEditorLand Portal Roadmap

Land supports four authentication tiers: Cloud account sync, OAuth provider identity, local-first Air daemon control, and enterprise SSO. The local editor works without any of them.

Cloud Plan

Coming Soon
Online

Cloud Plan

Planned hosted sync for users who want account-backed state. The local editor should remain useful without this service.

Included

  • SyncComing SoonPlanned workspace sync across devices +  + 
  • BackupComing SoonPlanned encrypted backup for selected configuration +  + 
  • TeamComing SoonPlanned shared team workspace support + 
  • ExtensionsComing SoonMarketplace installation is planned after local extension paths stabilize +  + 
  • RemoteComing SoonRemote development integration is planned +  + 

Capabilities

Planned account tokens for hosted servicesComing Soon
Okta SSO belongs to the enterprise planComing Soon
MFA support depends on the configured identity providerComing Soon
Gateway RBAC is plannedComing Soon
Audit logging is plannedComing Soon
Developer certificate automation is plannedComing Soon
Protocol:HTTPS / TLS 1.3
Settings ManagedIncluded in all tiers

Provider Plan

Coming Soon

OAuth 2.0   Profile + Email scope   Linked to your preferences

OAuth 2.0

Provider Plan

Sign in with GitHub, GitLab, or Google through OAuth 2.0 PKCE. Provider identity links your editor session to source repositories and hosted services you already use.

Included

  • GitHubComing SoonGitHub identity is planned as a low-friction sign-in optionGitHub +  + 
  • SSOComing SoonSingle sign-on across Land services is planned +  + 
  • RepositoryComing SoonSettings sync tied to provider identity is planned +  + 
  • TeamComing SoonOrganization and team membership sync is planned +  + 
  • CI/CDComing SoonCI/CD integration belongs to later portal work +  + 

Capabilities

OAuth 2.0 / PKCE support where provider flows are enabledComing Soon
Minimal OAuth scopes - only what each provider integration requiresComing Soon
Refresh token handling depends on provider configurationComing Soon
Webhook subscriptions are plannedComing Soon
Organization-level access policies are plannedComing Soon
Developer certificate automation is plannedComing Soon
Protocol:OAuth 2.0 / PKCE
Settings ManagedIncluded in all tiers

Local-First

Coming Soon
Air DaemonScanning...

Zero cloud dependency   JWT certificates   mTLS

Local-First

Local-First

The Air daemon runs as a persistent background process handling updates, file indexing, signing, and health monitoring. The portal surface for browser-to-daemon control is in development - the daemon itself is active source today.

Included

  • Air DaemonComing SoonBrowser-to-daemon loopback control is planned +  + 
  • BuildComing SoonLaunching builds from the website console is planned +  + 
  • DeployComing SoonDeploying changes into a running editor is planned + 
  • ConfigureComing SoonEditor configuration management is planned + 
  • ExtensionsComing SoonInstalled VS Code extensions run unmodified through the Cocoon path when their APIs are implemented + 
  • OfflineComing SoonLocal editor operation should not require a cloud login +  + 
  • Embedded SaaSComing SoonEmbedding portal surfaces into the editor is planned +  + 

Capabilities

Short-lived local credentials are plannedComing Soon
mTLS mutual authentication is planned for daemon controlComing Soon
CRDT state synchronization - planned for conflict-free offline editsComing Soon
Fully local team management is plannedComing Soon
Local certificate authority code exists in Mountain; portal integration is plannedComing Soon
WebSocket loopback connection is plannedComing Soon
Local RBAC policies are plannedComing Soon
Encrypted local backup is plannedComing Soon
Protocol:mTLS / WebSocket planned
Settings ManagedIncluded in all tiers

Enterprise Plan

Coming Soon

OpenID Connect Discovery  +  SAML 2.0 Assertion  +  SCIM 2.0 User Provisioning

Planned

Enterprise Plan

Connect Land to your organisation's identity infrastructure via OIDC, SAML 2.0, or SCIM. Enterprise SSO and directory provisioning are in development.

Included

  • OktaComing SoonOkta SSO integration is plannedOkta +  + 
  • Azure ADComing SoonAzure AD / Entra ID integration is plannedMicrosoft +  + 
  • SAML 2.0Coming SoonSAML 2.0 support is planned +  + 
  • SCIMComing SoonSCIM provisioning is planned +  + 
  • GroupsComing SoonIdP group to Land role mapping is planned +  + 
  • AuditComing SoonAudit export is planned +  + 

Capabilities

OIDC discovery is plannedComing Soon
Just-in-time provisioning is plannedComing Soon
MFA enforcement depends on the configured IdPComing Soon
Session duration policy is plannedComing Soon
Organization CA certificate management is plannedComing Soon
Compliance documentation is plannedComing Soon
Protocol:OIDC / SAML 2.0 / SCIM planned
Settings ManagedIncluded in all tiers