Doppler syncs secrets to Heroku via a Heroku OAuth application. This application is created in the Heroku dashboard and must be owned by a single Heroku user account.
Doppler’s previous Heroku OAuth application was owned by a specific Doppler employee’s Heroku account without access to any additional resources. During a routine external account audit, this account was mistakenly identified as unused and manually deleted by our security team. This irrecoverably deleted Doppler’s existing Heroku OAuth application, thereby breaking any existing syncs and requiring the creation of a new OAuth application in a new account.
Because users had authorized our previous Heroku OAuth application to their Heroku account(s), users need to authorize the new Heroku OAuth application. This involves reconnecting the integration from the Doppler dashboard. Once the integration is reconnected, Doppler will re-enable all associated syncs that have been disabled and perform a fresh sync.
Note that the previous OAuth application was deleted and therefore no action is required to remove its access to your Heroku account.
Internally, we’re reorganizing how shared accounts used for critical functionality are stored in 1Password. This new 1Password organization should help prevent this kind of accidental deletion in the future. We avoid shared accounts whenever possible, but this isn’t always feasible given third party implementations.
We'll also be adding our individual integrations to our status page. This will allow customers to more easily see which integrations, if any, are currently experiencing issues.