diff --git a/ui-v2/app/adapters/oidc-provider.js b/ui-v2/app/adapters/oidc-provider.js
index 7d1da6df3c8a..f2b65da2e220 100644
--- a/ui-v2/app/adapters/oidc-provider.js
+++ b/ui-v2/app/adapters/oidc-provider.js
@@ -33,7 +33,7 @@ export default Adapter.extend({
       ${{
         ...Namespace(ns),
         AuthMethod: id,
-        RedirectURI: `${this.env.var('CONSUL_BASE_UI_URL')}/torii/redirect.html`,
+        RedirectURI: `${this.env.var('CONSUL_BASE_UI_URL')}/oidc/callback`,
       }}
     `;
   },
diff --git a/ui-v2/app/components/auth-dialog/README.mdx b/ui-v2/app/components/auth-dialog/README.mdx
new file mode 100644
index 000000000000..676d55379661
--- /dev/null
+++ b/ui-v2/app/components/auth-dialog/README.mdx
@@ -0,0 +1,56 @@
+## AuthDialog
+
+```handlebars
+<AuthDialog @dc={{dc}} @nspace={{}} @onchange={{action 'change'}} as |api components|>
+  {{#let components.AuthForm components.AuthProfile as |AuthForm AuthProfile|}}
+    <BlockSlot @name="unauthorized">
+      Here's the login form:
+      <AuthForm />
+    </BlockSlot>
+    <BlockSlot @name="authorized">
+      Here's your profile:
+      <AuthProfile />
+      <button onclick={{action api.logout}} />
+    </BlockSlot>
+  {{/let}}
+</AuthDialog>
+```
+
+### Arguments
+
+A component to help orchestrate a login/logout flow.
+
+| Argument | Type | Default | Description |
+| --- | --- | --- | --- |
+| `dc` | `String` | | The name of the current datacenter |
+| `nspace` | `String` | | The name of the current namespace |
+| `onchange` | `Function` | | An action to fire when the users token has changed (logged in/logged out/token changed) |
+
+### Methods/Actions/api
+
+| Method/Action |  Description |
+| --- | --- |
+| `login` | Login with a specified token |
+| `logout` | Logout (delete token) |
+| `token` | The current token itself (as a property not a method) |
+
+### Components
+
+| Name |  Description |
+| --- | --- |
+| [`AuthForm`](../auth-form/README.mdx) | Renders an Authorization form |
+| [`AuthProfile`](../auth-profile/README.mdx) | Renders a User Profile |
+
+### Slots
+
+| Name  | Description |
+| --- | --- |
+| `unauthorized` | This slot is only rendered when the user doesn't have a token |
+| `authorized`   | This slot is only rendered whtn the user has a token.|
+
+### See
+
+- [Component Source Code](./index.js)
+- [Template Source Code](./index.hbs)
+
+---
diff --git a/ui-v2/app/components/auth-dialog/chart.xstate.js b/ui-v2/app/components/auth-dialog/chart.xstate.js
new file mode 100644
index 000000000000..ce4730745393
--- /dev/null
+++ b/ui-v2/app/components/auth-dialog/chart.xstate.js
@@ -0,0 +1,34 @@
+export default {
+  id: 'auth-dialog',
+  initial: 'idle',
+  on: {
+    CHANGE: [
+      {
+        target: 'authorized',
+        cond: 'hasToken',
+        actions: ['login'],
+      },
+      {
+        target: 'unauthorized',
+        actions: ['logout'],
+      },
+    ],
+  },
+  states: {
+    idle: {
+      on: {
+        CHANGE: [
+          {
+            target: 'authorized',
+            cond: 'hasToken',
+          },
+          {
+            target: 'unauthorized',
+          },
+        ],
+      },
+    },
+    unauthorized: {},
+    authorized: {},
+  },
+};
diff --git a/ui-v2/app/components/auth-dialog/index.hbs b/ui-v2/app/components/auth-dialog/index.hbs
new file mode 100644
index 000000000000..e12a4d05d600
--- /dev/null
+++ b/ui-v2/app/components/auth-dialog/index.hbs
@@ -0,0 +1,40 @@
+<StateChart @src={{chart}} as |State Guard Action dispatch state|>
+
+  <Guard @name="hasToken" @cond={{action 'hasToken'}} />
+  <Action @name="login" @exec={{action 'login'}} />
+  <Action @name="logout" @exec={{action 'logout'}} />
+  {{! This DataSource just permanently listens to any changes to the users }}
+  {{! token, whether thats a new token, a changed token or a deleted token }}
+  <DataSource
+    @src="settings://consul:token"
+    @onchange={{queue (action (mut token) value="data") (action dispatch "CHANGE") (action (mut previousToken) value="data")}}
+  />
+  {{! This DataSink is just used for logging in from the form, }}
+  {{! or logging out via the exposed logout function }}
+  <DataSink
+    @sink="settings://consul:token"
+    as |sink|
+  >
+    {{yield}}
+    {{#let (hash
+      login=(action sink.open)
+      logout=(action sink.open null)
+      token=token
+    ) (hash
+      AuthProfile=(component 'auth-profile' item=token)
+      AuthForm=(component 'auth-form' dc=dc nspace=nspace onsubmit=(action sink.open value="data"))
+    ) as |api components|}}
+      <State @matches="authorized">
+        {{#yield-slot name="authorized"}}
+          {{yield api components}}
+        {{/yield-slot}}
+      </State>
+
+      <State @matches="unauthorized">
+      {{#yield-slot name="unauthorized"}}
+          {{yield api components}}
+        {{/yield-slot}}
+      </State>
+    {{/let}}
+  </DataSink>
+</StateChart>
diff --git a/ui-v2/app/components/auth-dialog/index.js b/ui-v2/app/components/auth-dialog/index.js
new file mode 100644
index 000000000000..041fee483b48
--- /dev/null
+++ b/ui-v2/app/components/auth-dialog/index.js
@@ -0,0 +1,42 @@
+import Component from '@ember/component';
+import Slotted from 'block-slots';
+import { inject as service } from '@ember/service';
+import { get } from '@ember/object';
+import chart from './chart.xstate';
+
+export default Component.extend(Slotted, {
+  tagName: '',
+  repo: service('repository/oidc-provider'),
+  init: function() {
+    this._super(...arguments);
+    this.chart = chart;
+  },
+  actions: {
+    hasToken: function() {
+      return typeof this.token.AccessorID !== 'undefined';
+    },
+    login: function() {
+      let prev = get(this, 'previousToken.AccessorID');
+      let current = get(this, 'token.AccessorID');
+      if (prev === null) {
+        prev = get(this, 'previousToken.SecretID');
+      }
+      if (current === null) {
+        current = get(this, 'token.SecretID');
+      }
+      let type = 'authorize';
+      if (typeof prev !== 'undefined' && prev !== current) {
+        type = 'use';
+      }
+      this.onchange({ data: get(this, 'token'), type: type });
+    },
+    logout: function() {
+      if (typeof get(this, 'previousToken.AuthMethod') !== 'undefined') {
+        // we are ok to fire and forget here
+        this.repo.logout(get(this, 'previousToken.SecretID'));
+      }
+      this.previousToken = null;
+      this.onchange({ data: null, type: 'logout' });
+    },
+  },
+});
diff --git a/ui-v2/app/components/auth-form/README.mdx b/ui-v2/app/components/auth-form/README.mdx
new file mode 100644
index 000000000000..942e9d813748
--- /dev/null
+++ b/ui-v2/app/components/auth-form/README.mdx
@@ -0,0 +1,18 @@
+## AuthForm
+
+```handlebars
+<AuthForm as |api|></AuthForm>
+```
+
+### Methods/Actions/api
+
+| Method/Action |  Description |
+| --- | --- |
+| `reset` | Reset the form back to its original empty/non-error state |
+
+### See
+
+- [Component Source Code](./index.js)
+- [Template Source Code](./index.hbs)
+
+---
diff --git a/ui-v2/app/components/auth-form/chart.xstate.js b/ui-v2/app/components/auth-form/chart.xstate.js
new file mode 100644
index 000000000000..dc4b281059a3
--- /dev/null
+++ b/ui-v2/app/components/auth-form/chart.xstate.js
@@ -0,0 +1,55 @@
+export default {
+  id: 'auth-form',
+  initial: 'idle',
+  on: {
+    RESET: [
+      {
+        target: 'idle',
+      },
+    ],
+  },
+  states: {
+    idle: {
+      entry: ['clearError'],
+      on: {
+        SUBMIT: [
+          {
+            target: 'loading',
+            cond: 'hasValue',
+          },
+          {
+            target: 'error',
+          },
+        ],
+      },
+    },
+    loading: {
+      on: {
+        ERROR: [
+          {
+            target: 'error',
+          },
+        ],
+      },
+    },
+    error: {
+      exit: ['clearError'],
+      on: {
+        TYPING: [
+          {
+            target: 'idle',
+          },
+        ],
+        SUBMIT: [
+          {
+            target: 'loading',
+            cond: 'hasValue',
+          },
+          {
+            target: 'error',
+          },
+        ],
+      },
+    },
+  },
+};
diff --git a/ui-v2/app/components/auth-form/index.hbs b/ui-v2/app/components/auth-form/index.hbs
new file mode 100644
index 000000000000..2b25ccdd6e20
--- /dev/null
+++ b/ui-v2/app/components/auth-form/index.hbs
@@ -0,0 +1,100 @@
+<StateChart @src={{chart}} as |State Guard Action dispatch state|>
+  {{yield (hash
+    reset=(action dispatch "RESET")
+    focus=(action 'focus')
+  )}}
+  <Guard @name="hasValue" @cond={{action 'hasValue'}} />
+  {{!FIXME: Call this reset or similar }}
+  <Action @name="clearError" @exec={{queue (action (mut error) undefined) (action (mut secret) undefined)}} />
+  <div class="auth-form" ...attributes>
+    <State @matches="error">
+      {{#if error.status}}
+        <p role="alert" class="notice error">
+          {{#if value.Name}}
+            {{#if (eq error.status '403')}}
+              <strong>Consul login failed</strong><br />
+              We received a token from your OIDC provider but could not log in to Consul with it.
+            {{else if (eq error.status '401')}}
+              <strong>Could not log in to provider</strong><br />
+              The OIDC provider has rejected this access token. Please have an administrator check your auth method configuration.
+            {{else if (eq error.status '499')}}
+              <strong>SSO log in window closed</strong><br />
+              The OIDC provider window was closed. Please try again.
+            {{else}}
+              <strong>Error</strong><br />
+              {{error.detail}}
+            {{/if}}
+          {{else}}
+            {{#if (eq error.status '403')}}
+              <strong>Invalid token</strong><br />
+              The token entered does not exist. Please enter a valid token to log in.
+            {{else}}
+              <strong>Error</strong><br />
+              {{error.detail}}
+            {{/if}}
+          {{/if}}
+        </p>
+      {{/if}}
+    </State>
+    <form onsubmit={{action dispatch "SUBMIT"}}>
+      <fieldset>
+        <label class={{concat "type-password" (if (and (state-matches state 'error') (not error.status)) ' has-error' '')}}>
+          <span>Log in with a token</span>
+          <input
+            {{ref this 'input'}}
+            disabled={{state-matches state "loading"}}
+            type="password"
+            name="auth[SecretID]"
+            placeholder="SecretID"
+            value={{secret}}
+            oninput={{queue
+              (action (mut secret) value="target.value")
+              (action (mut value) value="target.value")
+              (action dispatch "TYPING")
+            }}
+          />
+          <State @matches="error">
+            {{#if (not error.status)}}
+              <strong role="alert">
+                Please enter your secret
+              </strong>
+            {{/if}}
+          </State>
+        </label>
+      </fieldset>
+      <button type="submit" disabled={{state-matches state "loading"}}>
+        Log in
+      </button>
+      <em>Contact your administrator for login credentials.</em>
+    </form>
+{{#if (env 'CONSUL_SSO_ENABLED')}}
+    <DataSource
+      @src={{concat '/' (or nspace 'default') '/' dc '/oidc/providers'}}
+      @onchange={{queue (action (mut providers) value="data")}}
+      @onerror={{queue (action (mut error) value="error.errors.firstObject")}}
+      @loading="lazy"
+    />
+  {{#if (gt providers.length 0)}}
+    <p>
+      <span>or</span>
+    </p>
+  {{/if}}
+  <OidcSelect
+    @items={{providers}}
+    @disabled={{state-matches state "loading"}}
+    @onchange={{queue (action (mut value)) (action dispatch "SUBMIT") }}
+    @onerror={{queue (action (mut error) value="error.errors.firstObject") (action dispatch "ERROR")}}
+  />
+{{/if}}
+  </div>
+  <State @matches="loading">
+    <TokenSource
+      @dc={{dc}}
+      @nspace={{nspace}}
+      @type={{if value.Name 'oidc' 'secret'}}
+      @value={{if value.Name value.Name value}}
+      @onchange={{action onsubmit}}
+      @onerror={{queue (action (mut error) value="error.errors.firstObject") (action dispatch "ERROR")}}
+    />
+  </State>
+</StateChart>
\ No newline at end of file
diff --git a/ui-v2/app/components/auth-form/index.js b/ui-v2/app/components/auth-form/index.js
new file mode 100644
index 000000000000..c6a95e277591
--- /dev/null
+++ b/ui-v2/app/components/auth-form/index.js
@@ -0,0 +1,21 @@
+import Component from '@ember/component';
+
+import chart from './chart.xstate';
+
+export default Component.extend({
+  tagName: '',
+  onsubmit: function(e) {},
+  onchange: function(e) {},
+  init: function() {
+    this._super(...arguments);
+    this.chart = chart;
+  },
+  actions: {
+    hasValue: function(context, event, meta) {
+      return this.value !== '' && typeof this.value !== 'undefined';
+    },
+    focus: function() {
+      this.input.focus();
+    },
+  },
+});
diff --git a/ui-v2/app/components/auth-profile/README.mdx b/ui-v2/app/components/auth-profile/README.mdx
new file mode 100644
index 000000000000..f4fa59771d18
--- /dev/null
+++ b/ui-v2/app/components/auth-profile/README.mdx
@@ -0,0 +1,20 @@
+## AuthProfile
+
+```handlebars
+<AuthProfile @item={{token}} />
+```
+
+A straightforward partial-like component for rendering a user profile.
+
+### Arguments
+
+| Argument | Type | Default | Description |
+| --- | --- | --- | --- |
+| `item` | `Object` | | A Consul shaped token object (currently only requires an AccessorID property to be set |
+
+### See
+
+- [Component Source Code](./index.js)
+- [Template Source Code](./index.hbs)
+
+---
diff --git a/ui-v2/app/components/auth-profile/index.hbs b/ui-v2/app/components/auth-profile/index.hbs
new file mode 100644
index 000000000000..6f46fd37cbd9
--- /dev/null
+++ b/ui-v2/app/components/auth-profile/index.hbs
@@ -0,0 +1,9 @@
+<dl>
+    <dt>
+      <span>My ACL Token</span><br />
+      AccessorID
+    </dt>
+    <dd>
+      {{substr item.AccessorID -8}}
+    </dd>
+</dl>
\ No newline at end of file
diff --git a/ui-v2/app/components/auth-profile/index.js b/ui-v2/app/components/auth-profile/index.js
new file mode 100644
index 000000000000..4798652642ba
--- /dev/null
+++ b/ui-v2/app/components/auth-profile/index.js
@@ -0,0 +1,5 @@
+import Component from '@ember/component';
+
+export default Component.extend({
+  tagName: '',
+});
diff --git a/ui-v2/app/components/child-selector/index.hbs b/ui-v2/app/components/child-selector/index.hbs
index 51fd38ef93ab..1b13235f0e6b 100644
--- a/ui-v2/app/components/child-selector/index.hbs
+++ b/ui-v2/app/components/child-selector/index.hbs
@@ -1,3 +1,4 @@
+<div ...attributes>
 {{yield}}
   <YieldSlot @name="create">{{yield}}</YieldSlot>
   <label class="type-text">
@@ -24,4 +25,5 @@
   <YieldSlot @name="set">{{yield}}</YieldSlot>
 {{else}}
 
-{{/if}}
\ No newline at end of file
+{{/if}}
+</div>
\ No newline at end of file
diff --git a/ui-v2/app/components/child-selector/index.js b/ui-v2/app/components/child-selector/index.js
index cf01b8138a8e..c1f58ef5b8ac 100644
--- a/ui-v2/app/components/child-selector/index.js
+++ b/ui-v2/app/components/child-selector/index.js
@@ -8,6 +8,7 @@ import WithListeners from 'consul-ui/mixins/with-listeners';
 
 export default Component.extend(SlotsMixin, WithListeners, {
   onchange: function() {},
+  tagName: '',
 
   error: function() {},
   type: '',
diff --git a/ui-v2/app/components/dom-buffer/index.js b/ui-v2/app/components/dom-buffer/index.js
index 63c4d62f8339..eb2706e88164 100644
--- a/ui-v2/app/components/dom-buffer/index.js
+++ b/ui-v2/app/components/dom-buffer/index.js
@@ -9,10 +9,11 @@ export default Component.extend({
   },
   didInsertElement: function() {
     this._super(...arguments);
-    this.buffer.add(this.getBufferName(), this.element);
+    this._element = this.buffer.add(this.getBufferName(), this.element);
   },
   didDestroyElement: function() {
     this._super(...arguments);
-    this.buffer.remove(this.getBufferName());
+    this.buffer.remove(this.getBufferName(), this._element);
+    this._element = null;
   },
 });
diff --git a/ui-v2/app/components/form-component/index.js b/ui-v2/app/components/form-component/index.js
index 0be3328b03f0..520cb2148e09 100644
--- a/ui-v2/app/components/form-component/index.js
+++ b/ui-v2/app/components/form-component/index.js
@@ -6,6 +6,7 @@ import WithListeners from 'consul-ui/mixins/with-listeners';
 // match anything that isn't a [ or ] into multiple groups
 const propRe = /([^[\]])+/g;
 export default Component.extend(WithListeners, SlotsMixin, {
+  tagName: '',
   onreset: function() {},
   onchange: function() {},
   onerror: function() {},
diff --git a/ui-v2/app/components/hashicorp-consul/index.hbs b/ui-v2/app/components/hashicorp-consul/index.hbs
index cbf153e0cd34..2ca5f255ed59 100644
--- a/ui-v2/app/components/hashicorp-consul/index.hbs
+++ b/ui-v2/app/components/hashicorp-consul/index.hbs
@@ -1,4 +1,4 @@
-
+    <ModalLayer />
     <header role="banner" data-test-navigation>
       <a data-test-main-nav-logo href={{href-to 'index'}}><svg width="28" height="27" xmlns="http://www.w3.org/2000/svg"><title>Consul</title><path d="M13.284 16.178a2.876 2.876 0 1 1-.008-5.751 2.876 2.876 0 0 1 .008 5.75zm5.596-1.547a1.333 1.333 0 1 1 0-2.667 1.333 1.333 0 0 1 0 2.667zm4.853 1.249a1.271 1.271 0 1 1 .027-.107c0 .031 0 .067-.027.107zm-.937-3.436a1.333 1.333 0 1 1 .986-1.595c.033.172.033.348 0 .52-.07.53-.465.96-.986 1.075zm4.72 3.29a1.333 1.333 0 1 1-1.076-1.538 1.333 1.333 0 0 1 1.116 1.417.342.342 0 0 0-.027.12h-.013zm-1.08-3.33a1.333 1.333 0 1 1 1.088-1.524c.014.114.014.229 0 .342a1.333 1.333 0 0 1-1.102 1.182h.014zm-.925 7.925a1.333 1.333 0 1 1 .165-.547c-.01.193-.067.38-.165.547zm-.48-12.191a1.333 1.333 0 1 1 .507-1.814c.14.237.198.514.164.787-.038.438-.289.828-.67 1.045v-.018zM13.333 26.667C5.97 26.667 0 20.697 0 13.333 0 5.97 5.97 0 13.333 0c2.929-.01 5.778.955 8.098 2.742L19.8 4.89a10.667 10.667 0 0 0-17.133 8.444 10.667 10.667 0 0 0 17.137 8.471l1.627 2.13a13.218 13.218 0 0 1-8.098 2.733z" fill="#FFF"/></svg></a>
         <input type="checkbox" name="menu" id="main-nav-toggle" onchange={{action 'change'}} />
@@ -100,7 +100,7 @@
             </nav>
             <nav>
                 <ul>
-                    <li data-test-main-nav-docs>
+                    <li data-test-main-nav-help>
                       <PopoverMenu @position="right">
                         <BlockSlot @name="trigger">
                           Help
@@ -123,42 +123,55 @@
                         <a href={{href-to 'settings'}}>Settings</a>
                     </li>
 {{#if (env 'CONSUL_ACLS_ENABLED')}}
-                    <DataSource
-                      @src="settings://consul:token"
-                      @onchange={{action "changeToken" value="data"}}
-                    />
-                    <DataSink
-                      @sink="settings://consul:token"
-                    as |tokenSink|>
-  {{#if (not-eq token.AccessorID undefined)}}
-                      <li data-test-main-nav-auth>
-                        <PopoverMenu @position="right">
-                          <BlockSlot @name="trigger">
-                            Logout
+                    <li data-test-main-nav-auth>
+                      <AuthDialog
+                        @dc={{dc.Name}}
+                        @nspace={{nspace.Name}}
+                        @onchange={{action onchange}} as |authDialog components|
+                      >
+                        {{#let components.AuthForm components.AuthProfile as |AuthForm AuthProfile|}}
+                          <BlockSlot @name="unauthorized">
+                            <label tabindex="0" for="login-toggle" onkeypress={{action 'keypressClick'}}>
+                              <span>Log in</span>
+                            </label>
+                            <ModalDialog @name="login-toggle" @onclose={{action 'close'}} @onopen={{action 'open'}}>
+                              <BlockSlot @name="header">
+                                <h2>Log in to Consul</h2>
+                              </BlockSlot>
+                              <BlockSlot @name="body">
+                                <AuthForm as |api|>
+                                  <Ref @target={{this}} @name="authForm" @value={{api}} />
+                                </AuthForm>
+                              </BlockSlot>
+                              <BlockSlot @name="actions" as |close|>
+                                <button type="button" onclick={{action close}}>
+                                  Continue without logging in
+                                </button>
+                              </BlockSlot>
+                            </ModalDialog>
                           </BlockSlot>
-                          <BlockSlot @name="menu">
-                      {{#if token.AccessorID}}
-                            <li role="none">
-                              <dl>
-                                <dt>
-                                  <span>My ACL Token</span><br />
-                                  AccessorID
-                                </dt>
-                                <dd>
-                                  {{substr token.AccessorID -8}}
-                                </dd>
-                              </dl>
-                            </li>
-                            <li role="separator"></li>
-                      {{/if}}
-                            <li class="dangerous" role="none">
-                                <button type="button" tabindex="-1" role="menuitem" onclick={{action tokenSink.open null}}>Logout</button>
-                            </li>
+                          <BlockSlot @name="authorized">
+                            <PopoverMenu @position="right">
+                              <BlockSlot @name="trigger">
+                                Logout
+                              </BlockSlot>
+                              <BlockSlot @name="menu">
+    {{!TODO: It might be nice to use one of our recursive components here}}
+    {{#if authDialog.token.AccessorID}}
+                                <li role="none">
+                                  <AuthProfile />
+                                </li>
+                                <li role="separator"></li>
+    {{/if}}
+                                <li class="dangerous" role="none">
+                                  <button type="button" tabindex="-1" role="menuitem" onclick={{action authDialog.logout}}>Logout</button>
+                                </li>
+                              </BlockSlot>
+                            </PopoverMenu>
                           </BlockSlot>
-                        </PopoverMenu>
-                      </li>
-  {{/if}}
-                    </DataSink>
+                        {{/let}}
+                      </AuthDialog>
+                    </li>
 {{/if}}
                 </ul>
             </nav>
@@ -172,5 +185,4 @@
         <p data-test-footer-version>Consul {{env 'CONSUL_VERSION'}}</p>
         <a data-test-footer-docs href="{{env 'CONSUL_DOCS_URL'}}" rel="help noopener noreferrer" target="_blank">Documentation</a>
         {{{concat '<!-- ' (env 'CONSUL_GIT_SHA') '-->'}}}
-    </footer>
-    <ModalLayer />
\ No newline at end of file
+    </footer>
\ No newline at end of file
diff --git a/ui-v2/app/components/hashicorp-consul/index.js b/ui-v2/app/components/hashicorp-consul/index.js
index 6a6767a673ba..72f5f9f90e14 100644
--- a/ui-v2/app/components/hashicorp-consul/index.js
+++ b/ui-v2/app/components/hashicorp-consul/index.js
@@ -1,19 +1,12 @@
 import Component from '@ember/component';
 import { inject as service } from '@ember/service';
-import { get, set, computed } from '@ember/object';
-import { getOwner } from '@ember/application';
+import { computed } from '@ember/object';
 
 export default Component.extend({
   dom: service('dom'),
-  env: service('env'),
-  feedback: service('feedback'),
-  router: service('router'),
-  http: service('repository/type/event-source'),
-  client: service('client/http'),
-  store: service('store'),
-  settings: service('settings'),
 
   didInsertElement: function() {
+    this._super(...arguments);
     this.dom.root().classList.remove('template-with-vertical-menu');
   },
   // TODO: Right now this is the only place where we need permissions
@@ -25,108 +18,15 @@ export default Component.extend({
       }) !== 'undefined'
     );
   }),
-  forwardForACL: function(token) {
-    let routeName = this.router.currentRouteName;
-    const route = getOwner(this).lookup(`route:${routeName}`);
-    // a null AccessorID means we are in legacy mode
-    // take the user to the legacy acls
-    // otherwise just refresh the page
-    if (get(token, 'AccessorID') === null) {
-      // returning false for a feedback action means even though
-      // its successful, please skip this notification and don't display it
-      return route.transitionTo('dc.acls');
-    } else {
-      // TODO: Ideally we wouldn't need to use env() at a component level
-      // transitionTo should probably remove it instead if NSPACES aren't enabled
-      if (this.env.var('CONSUL_NSPACES_ENABLED') && get(token, 'Namespace') !== this.nspace.Name) {
-        if (!routeName.startsWith('nspace')) {
-          routeName = `nspace.${routeName}`;
-        }
-        const nspace = get(token, 'Namespace');
-        // you potentially have a new namespace
-        if (typeof nspace !== 'undefined') {
-          return route.transitionTo(`${routeName}`, `~${nspace}`, this.dc.Name);
-        }
-        // you are logging out, just refresh
-        return route.refresh();
-      } else {
-        if (route.routeName === 'dc.acls.index') {
-          return route.transitionTo('dc.acls.tokens.index');
-        }
-        return route.refresh();
-      }
-    }
-  },
   actions: {
-    send: function(el, method, ...rest) {
-      const component = this.dom.component(el);
-      component.actions[method].apply(component, rest || []);
+    keypressClick: function(e) {
+      e.target.dispatchEvent(new MouseEvent('click'));
     },
-    changeToken: function(token = {}) {
-      const prev = this.token;
-      if (token === '') {
-        token = {};
-      }
-      set(this, 'token', token);
-      // if this is just the initial 'find out what the current token is'
-      // then don't do anything
-      if (typeof prev === 'undefined') {
-        return;
-      }
-      let notification;
-      let action = () => this.forwardForACL(token);
-      switch (true) {
-        case get(this, 'token.AccessorID') === null && get(this, 'token.SecretID') === null:
-          // 'everything is null, 403 this needs deleting' token
-          this.settings.delete('token');
-          return;
-        case get(prev, 'AccessorID') === null && get(prev, 'SecretID') === null:
-          // we just had an 'everything is null, this needs deleting' token
-          // reject and break so this acts differently to just logging out
-          action = () => Promise.reject({});
-          notification = 'authorize';
-          break;
-        case typeof get(prev, 'AccessorID') !== 'undefined' &&
-          typeof get(this, 'token.AccessorID') !== 'undefined':
-          // change of both Accessor and Secret, means use
-          notification = 'use';
-          break;
-        case get(this, 'token.AccessorID') === null &&
-          typeof get(this, 'token.SecretID') !== 'undefined':
-          // legacy login, don't do anything as we don't use self for auth here but the endpoint itself
-          // self is successful, but skip this notification and don't display it
-          return this.forwardForACL(token);
-        case typeof get(prev, 'AccessorID') === 'undefined' &&
-          typeof get(this, 'token.AccessorID') !== 'undefined':
-          // normal login
-          notification = 'authorize';
-          break;
-        case (typeof get(prev, 'AccessorID') !== 'undefined' || get(prev, 'AccessorID') === null) &&
-          typeof get(this, 'token.AccessorID') === 'undefined':
-          //normal logout
-          notification = 'logout';
-          break;
-      }
-      this.actions.reauthorize.apply(this, [
-        {
-          type: notification,
-          action: action,
-        },
-      ]);
+    open: function() {
+      this.authForm.focus();
     },
-    reauthorize: function(e) {
-      this.client.abort();
-      this.http.resetCache();
-      this.store.init();
-      const type = get(e, 'type');
-      this.feedback.execute(
-        e.action,
-        type,
-        function(type, e) {
-          return type;
-        },
-        {}
-      );
+    close: function() {
+      this.authForm.reset();
     },
     change: function(e) {
       const win = this.dom.viewport();
diff --git a/ui-v2/app/components/jwt-source/README.mdx b/ui-v2/app/components/jwt-source/README.mdx
new file mode 100644
index 000000000000..51b1a12f2293
--- /dev/null
+++ b/ui-v2/app/components/jwt-source/README.mdx
@@ -0,0 +1,24 @@
+## JwtSource
+
+```handlebars
+<JwtSource @src={{url}} @onchange={{action 'change'}} @onerror={{action 'error'}} />
+```
+
+### Arguments
+
+| Argument | Type | Default | Description |
+| --- | --- | --- | --- |
+| `src` | `String` | | The source to subscribe to updates to, this should map to a string based URI |
+| `onchange` | `Function` |  | The action to fire when the data changes. Emits an Event-like object with a `data` property containing the jwt data, in this case the autorizationCode and the status |
+| `onerror` | `Function` |  | The action to fire when an error occurs. Emits ErrorEvent object with an `error` property containing the Error. |
+
+This component will go through the steps of requesting a JWT token from a third party oauth provider. `src` should contain the full URL of the authorization URL for the 3rd party provider. Once the user has logged into the 3rd party provider the `onchange` event will be fired containing an event-like object whose data contains the JWT information.
+
+The component need only be place into the DOM in order to begin the OAuth dance.
+
+### See
+
+- [Component Source Code](./index.js)
+- [Template Source Code](./index.hbs)
+
+---
diff --git a/ui-v2/app/components/jwt-source/index.js b/ui-v2/app/components/jwt-source/index.js
new file mode 100644
index 000000000000..da84dc672caa
--- /dev/null
+++ b/ui-v2/app/components/jwt-source/index.js
@@ -0,0 +1,31 @@
+import Component from '@ember/component';
+import { inject as service } from '@ember/service';
+import { fromPromise } from 'consul-ui/utils/dom/event-source';
+
+export default Component.extend({
+  repo: service('repository/oidc-provider'),
+  dom: service('dom'),
+  tagName: '',
+  onchange: function(e) {},
+  onerror: function(e) {},
+  init: function() {
+    this._super(...arguments);
+    this._listeners = this.dom.listeners();
+  },
+  willDestroy: function() {
+    this._super(...arguments);
+    this.repo.close();
+    this._listeners.remove();
+  },
+  didInsertElement: function() {
+    if (this.source) {
+      this.source.close();
+    }
+    // TODO: Could this use once? Double check but I don't think it can
+    this.source = fromPromise(this.repo.findCodeByURL(this.src));
+    this._listeners.add(this.source, {
+      message: e => this.onchange(e),
+      error: e => this.onerror(e),
+    });
+  },
+});
diff --git a/ui-v2/app/components/oidc-select/chart.xstate.js b/ui-v2/app/components/oidc-select/chart.xstate.js
new file mode 100644
index 000000000000..08e65961d8b8
--- /dev/null
+++ b/ui-v2/app/components/oidc-select/chart.xstate.js
@@ -0,0 +1,16 @@
+export default {
+  id: 'oidc-select',
+  initial: 'loading',
+  states: {
+    loaded: {},
+    loading: {
+      on: {
+        SUCCESS: [
+          {
+            target: 'loaded',
+          },
+        ],
+      },
+    },
+  },
+};
diff --git a/ui-v2/app/components/oidc-select/index.hbs b/ui-v2/app/components/oidc-select/index.hbs
new file mode 100644
index 000000000000..99b173be5fba
--- /dev/null
+++ b/ui-v2/app/components/oidc-select/index.hbs
@@ -0,0 +1,46 @@
+<StateChart @src={{chart}} as |State Guard Action dispatch state|>
+  <Ref @target={{this}} @name="dispatch" @value={{dispatch}} />
+  <State @matches="loaded">
+    <div class="oidc-select" ...attributes>
+        {{#if (lt items.length 3)}}
+            <ul>
+            {{#each items as |item|}}
+              <li>
+                <button
+                  disabled={{disabled}}
+                  type="button" class={{concat item.Kind '-oidc-provider'}}
+                  onclick={{action onchange item}}
+                >
+                  Continue with {{or item.DisplayName item.Name}}
+                </button>
+              </li>
+            {{/each}}
+            </ul>
+        {{else}}
+          {{#let (or provider (object-at 0 items)) as |item|}}
+            <label>
+              <span>SSO Provider</span>
+              <PowerSelect
+                @disabled={{disabled}}
+                @onChange={{action (mut provider)}}
+                @selected={{item}}
+                @searchEnabled={{false}}
+                @options={{items}} as |item|>
+                <span class={{concat item.Kind '-oidc-provider'}}>{{or item.DisplayName item.Name}}</span>
+              </PowerSelect>
+            </label>
+            <button
+              disabled={{disabled}}
+              type="button"
+              onclick={{action onchange item}}
+            >
+              Log in
+            </button>
+          {{/let}}
+        {{/if}}
+    </div>
+  </State>
+  <State @matches="loading">
+    <div class="progress indeterminate"></div>
+  </State>
+</StateChart>
\ No newline at end of file
diff --git a/ui-v2/app/components/oidc-select/index.js b/ui-v2/app/components/oidc-select/index.js
new file mode 100644
index 000000000000..a0b5b164d9ae
--- /dev/null
+++ b/ui-v2/app/components/oidc-select/index.js
@@ -0,0 +1,20 @@
+import Component from '@ember/component';
+import chart from './chart.xstate';
+
+export default Component.extend({
+  tagName: '',
+  onchange: function() {},
+  onerror: function() {},
+  init: function() {
+    this._super(...arguments);
+    this.chart = chart;
+  },
+  didReceiveAttrs: function() {
+    // This gets called no matter which attr has changed
+    // such as disabled, thing is once we are in loaded state
+    // it doesn't do anything anymore
+    if (typeof this.items !== 'undefined') {
+      this.dispatch('SUCCESS');
+    }
+  },
+});
diff --git a/ui-v2/app/components/policy-selector/index.hbs b/ui-v2/app/components/policy-selector/index.hbs
index 8b702a2b86f6..6e2b7198acc2 100644
--- a/ui-v2/app/components/policy-selector/index.hbs
+++ b/ui-v2/app/components/policy-selector/index.hbs
@@ -1,4 +1,4 @@
-<ChildSelector @repo={{repo}} @dc={{dc}} @nspace={{nspace}} @type="policy" @placeholder="Search for policy" @items={{items}}>
+<ChildSelector ...attributes @repo={{repo}} @dc={{dc}} @nspace={{nspace}} @type="policy" @placeholder="Search for policy" @items={{items}}>
   {{yield}}
   <BlockSlot @name="label">
     Apply an existing policy
diff --git a/ui-v2/app/components/role-form/index.hbs b/ui-v2/app/components/role-form/index.hbs
index c5a7ecaa1298..460c6d6904a1 100644
--- a/ui-v2/app/components/role-form/index.hbs
+++ b/ui-v2/app/components/role-form/index.hbs
@@ -1,5 +1,5 @@
 {{yield}}
-<fieldset>
+<fieldset class="role-form" data-test-role-form>
     <label class="type-text{{if item.error.Name ' has-error'}}">
         <span>Name</span>
         <input type="text" value={{item.Name}} name="role[Name]" autofocus="autofocus" oninput={{action 'change'}} />
diff --git a/ui-v2/app/components/token-source/README.mdx b/ui-v2/app/components/token-source/README.mdx
new file mode 100644
index 000000000000..80aaab3b797f
--- /dev/null
+++ b/ui-v2/app/components/token-source/README.mdx
@@ -0,0 +1,32 @@
+## TokenSource
+
+```handlebars
+  <TokenSource
+    @dc={{dc}}
+    @nspace={{nspace}}
+    @type={{or 'oidc' 'secret'}}
+    @value={{or identifierForProvider secret}}
+    @onchange={{action 'change'}}
+    @onerror={{action 'error'}}
+  />
+```
+
+### Arguments
+
+| Argument | Type | Default | Description |
+| --- | --- | --- | --- |
+| `dc` | `String` | | The name of the current datacenter |
+| `nspace` | `String` | | The name of the current namespace |
+| `onchange` | `Function` |  | The action to fire when the data changes. Emits an Event-like object with a `data` property containing the jwt data, in this case the autorizationCode and the status |
+| `onerror` | `Function` |  | The action to fire when an error occurs. Emits ErrorEvent object with an `error` property containing the Error. |
+
+This component will go through the steps of requesting a JWT token from a third party oauth provider. `src` should contain the full URL of the authorization URL for the 3rd party provider. Once the user has logged into the 3rd party provider the `onchange` event will be fired containing an event-like object whose data contains the JWT information.
+
+The component need only be place into the DOM in order to begin the OAuth dance.
+
+### See
+
+- [Component Source Code](./index.js)
+- [Template Source Code](./index.hbs)
+
+---
diff --git a/ui-v2/app/components/token-source/chart.xstate.js b/ui-v2/app/components/token-source/chart.xstate.js
new file mode 100644
index 000000000000..6629a68befc9
--- /dev/null
+++ b/ui-v2/app/components/token-source/chart.xstate.js
@@ -0,0 +1,30 @@
+export default {
+  id: 'token-source',
+  initial: 'idle',
+  on: {
+    RESTART: [
+      {
+        target: 'secret',
+        cond: 'isSecret',
+      },
+      {
+        target: 'provider',
+      },
+    ],
+  },
+  states: {
+    idle: {},
+    secret: {},
+    provider: {
+      on: {
+        SUCCESS: 'jwt',
+      },
+    },
+    jwt: {
+      on: {
+        SUCCESS: 'token',
+      },
+    },
+    token: {},
+  },
+};
diff --git a/ui-v2/app/components/token-source/index.hbs b/ui-v2/app/components/token-source/index.hbs
new file mode 100644
index 000000000000..711f6704c349
--- /dev/null
+++ b/ui-v2/app/components/token-source/index.hbs
@@ -0,0 +1,33 @@
+<StateChart @src={{chart}} @initial={{if (eq type 'oidc') 'provider' 'secret'}} as |State Guard Action dispatch state|>
+  <Guard @name="isSecret" @cond={{action 'isSecret'}} />
+  {{#let (concat '/' (or nspace 'default') '/' dc) as |path|}}
+    <State @matches="secret">
+      <DataSource
+        @src={{concat path '/token/self/' value}}
+        @onchange={{action 'change'}}
+        @onerror={{action onerror}}
+      />
+    </State>
+    <State @matches="provider">
+      <DataSource
+        @src={{concat path '/oidc/provider/' value}}
+        @onchange={{queue (action (mut provider) value="data") (action dispatch "SUCCESS")}}
+        @onerror={{action onerror}}
+      />
+    </State>
+    <State @matches="jwt">
+      <JwtSource
+        @src={{provider.AuthURL}}
+        @onchange={{queue (action (mut jwt) value="data") (action dispatch "SUCCESS")}}
+        @onerror={{action onerror}}
+      />
+    </State>
+    <State @matches="token">
+      <DataSource
+        @src={{concat path '/oidc/authorize/' provider.Name '/' jwt.authorizationCode '/' jwt.authorizationState}}
+        @onchange={{action 'change'}}
+        @onerror={{action onerror}}
+      />
+    </State>
+  {{/let}}
+</StateChart>
\ No newline at end of file
diff --git a/ui-v2/app/components/token-source/index.js b/ui-v2/app/components/token-source/index.js
new file mode 100644
index 000000000000..0c0dee250775
--- /dev/null
+++ b/ui-v2/app/components/token-source/index.js
@@ -0,0 +1,36 @@
+import Component from '@ember/component';
+
+import chart from './chart.xstate';
+export default Component.extend({
+  onchange: function() {},
+  init: function() {
+    this._super(...arguments);
+    this.chart = chart;
+  },
+  actions: {
+    isSecret: function() {
+      return this.type === 'secret';
+    },
+    change: function(e) {
+      e.data.toJSON = function() {
+        return {
+          AccessorID: this.AccessorID,
+          // TODO: In the past we've always ignored the SecretID returned
+          // from the server and used what the user typed in instead, now
+          // as we don't know the SecretID when we use SSO we use the SecretID
+          // in the response
+          SecretID: this.SecretID,
+          Namespace: this.Namespace,
+          ...{
+            AuthMethod: typeof this.AuthMethod !== 'undefined' ? this.AuthMethod : undefined,
+            // TODO: We should be able to only set namespaces if they are enabled
+            // but we might be testing for nspaces everywhere
+            // Namespace: typeof this.Namespace !== 'undefined' ? this.Namespace : undefined
+          },
+        };
+      };
+      // FIXME: We should probably put the component into idle state
+      this.onchange(e);
+    },
+  },
+});
diff --git a/ui-v2/app/controllers/application.js b/ui-v2/app/controllers/application.js
index 75ceaaec3c18..0ad991e3f500 100644
--- a/ui-v2/app/controllers/application.js
+++ b/ui-v2/app/controllers/application.js
@@ -1,3 +1,63 @@
 import Controller from '@ember/controller';
+import { inject as service } from '@ember/service';
+import { getOwner } from '@ember/application';
+import { get } from '@ember/object';
+import transitionable from 'consul-ui/utils/routing/transitionable';
 
-export default Controller.extend({});
+export default Controller.extend({
+  router: service('router'),
+  http: service('repository/type/event-source'),
+  dataSource: service('data-source/service'),
+  client: service('client/http'),
+  store: service('store'),
+  feedback: service('feedback'),
+  actions: {
+    // TODO: We currently do this in the controller instead of the router
+    // as the nspace and dc variables aren't available directly on the Route
+    // look to see if we can move this up there so we can empty the Controller
+    // out again
+    reauthorize: function(e) {
+      // TODO: For the moment e isn't a real event
+      // it has data which is potentially the token
+      // and type which is the logout/authorize/use action
+      // used for the feedback service.
+      this.feedback.execute(
+        () => {
+          // TODO: Centralize this elsewhere
+          this.client.abort();
+          this.http.resetCache();
+          this.dataSource.resetCache();
+          this.store.init();
+
+          const params = {};
+          if (e.data) {
+            const token = e.data;
+            // TODO: Do I actually need to check to see if nspaces are enabled here?
+            if (typeof this.nspace !== 'undefined') {
+              const nspace = get(token, 'Namespace') || this.nspace.Name;
+              // you potentially have a new namespace
+              // if you do redirect to it
+              if (nspace !== this.nspace.Name) {
+                params.nspace = `~${nspace}`;
+              }
+            }
+          }
+          const routeName = this.router.currentRoute.name;
+          const route = getOwner(this).lookup(`route:${routeName}`);
+          // We use transitionable here as refresh doesn't work if you are on an error page
+          // which is highly likely to happen here (403s)
+          if (routeName !== this.router.currentRouteName) {
+            return route.transitionTo(...transitionable(this.router, params, getOwner(this)));
+          } else {
+            return route.refresh();
+          }
+        },
+        e.type,
+        function(type, e) {
+          return type;
+        },
+        {}
+      );
+    },
+  },
+});
diff --git a/ui-v2/app/routes/application.js b/ui-v2/app/routes/application.js
index ad7f5b9361ca..a00aca74419d 100644
--- a/ui-v2/app/routes/application.js
+++ b/ui-v2/app/routes/application.js
@@ -18,7 +18,9 @@ export default Route.extend(WithBlockingActions, {
     return hash({
       router: this.router,
       dcs: this.repo.findAll(),
-      nspaces: this.nspacesRepo.findAll(),
+      nspaces: this.nspacesRepo.findAll().catch(function() {
+        return [];
+      }),
 
       // these properties are added to the controller from route/dc
       // as we don't have access to the dc and nspace params in the URL
@@ -72,30 +74,6 @@ export default Route.extend(WithBlockingActions, {
         error = e.errors[0];
         error.message = error.title || error.detail || 'Error';
       }
-      // TODO: Unfortunately ember will not maintain the correct URL
-      // for you i.e. when this happens the URL in your browser location bar
-      // will be the URL where you clicked on the link to come here
-      // not the URL where you got the 403 response
-      // Currently this is dealt with a lot better with the new ACLs system, in that
-      // if you get a 403 in the ACLs area, the URL is correct
-      // Moving that app wide right now wouldn't be ideal, therefore simply redirect
-      // to the ACLs URL instead of maintaining the actual URL, which is better than the old
-      // 403 page
-      // To note: Consul only gives you back a 403 if a non-existent token has been sent in the header
-      // if a token has not been sent at all, it just gives you a 200 with an empty dataset
-      // We set a completely null token here, which is different to just deleting a token
-      // in that deleting a token means 'logout' whereas setting it to completely null means
-      // there was a 403. This is only required to get around the legacy tokens
-      // a lot of this can go once we don't support legacy tokens
-      if (error.status === '403') {
-        return this.settings.persist({
-          token: {
-            AccessorID: null,
-            SecretID: null,
-            Namespace: null,
-          },
-        });
-      }
       if (error.status === '') {
         error.message = 'Error';
       }
@@ -136,16 +114,12 @@ export default Route.extend(WithBlockingActions, {
           removeLoading($root);
           // we can't use setupController as we received an error
           // so we do it manually instead
-          next(() => {
-            this.controllerFor('application').setProperties(model);
-            this.controllerFor('error').setProperties({ error: error });
-          });
+          this.controllerFor('application').setProperties(model);
+          this.controllerFor('error').setProperties({ error: error });
         })
         .catch(e => {
           removeLoading($root);
-          next(() => {
-            this.controllerFor('error').setProperties({ error: error });
-          });
+          this.controllerFor('error').setProperties({ error: error });
         });
       return true;
     },
diff --git a/ui-v2/app/services/data-source/protocols/http.js b/ui-v2/app/services/data-source/protocols/http.js
index 6a90796b08ac..a0bbabca6b2b 100644
--- a/ui-v2/app/services/data-source/protocols/http.js
+++ b/ui-v2/app/services/data-source/protocols/http.js
@@ -8,6 +8,7 @@ export default Service.extend({
   policies: service('repository/policy'),
   policy: service('repository/policy'),
   roles: service('repository/role'),
+  oidc: service('repository/oidc-provider'),
   type: service('data-source/protocols/http/blocking'),
   source: function(src, configuration) {
     // TODO: Consider adding/requiring nspace, dc, model, action, ...rest
@@ -29,6 +30,7 @@ export default Service.extend({
         return event;
       };
     }
+    let method, slug;
     switch (model) {
       case 'datacenters':
         find = configuration => repo.findAll(configuration);
@@ -46,6 +48,21 @@ export default Service.extend({
       case 'policy':
         find = configuration => repo.findBySlug(rest[0], dc, nspace, configuration);
         break;
+      case 'oidc':
+        [method, ...slug] = rest;
+        switch (method) {
+          case 'providers':
+            find = configuration => repo.findAllByDatacenter(dc, nspace, configuration);
+            break;
+          case 'provider':
+            find = configuration => repo.findBySlug(slug[0], dc, nspace);
+            break;
+          case 'authorize':
+            find = configuration =>
+              repo.authorize(slug[0], slug[1], slug[2], dc, nspace, configuration);
+            break;
+        }
+        break;
     }
     return this.type.source(find, configuration);
   },
diff --git a/ui-v2/app/services/data-source/service.js b/ui-v2/app/services/data-source/service.js
index ab4b0a481ed2..3cff3fa75b57 100644
--- a/ui-v2/app/services/data-source/service.js
+++ b/ui-v2/app/services/data-source/service.js
@@ -5,11 +5,11 @@ import MultiMap from 'mnemonist/multi-map';
 // TODO: Expose sizes of things via env vars
 
 // caches cursors and previous events when the EventSources are destroyed
-let cache;
+let cache = null;
 // keeps a record of currently in use EventSources
-let sources;
+let sources = null;
 // keeps a count of currently in use EventSources
-let usage;
+let usage = null;
 
 export default Service.extend({
   dom: service('dom'),
@@ -18,10 +18,18 @@ export default Service.extend({
 
   init: function() {
     this._super(...arguments);
+    if (cache === null) {
+      this.resetCache();
+    }
+    this._listeners = this.dom.listeners();
+  },
+  resetCache: function() {
+    Object.entries(sources || {}).forEach(function([key, item]) {
+      item.close();
+    });
     cache = new Map();
     sources = new Map();
     usage = new MultiMap(Set);
-    this._listeners = this.dom.listeners();
   },
   willDestroy: function() {
     this._listeners.remove();
diff --git a/ui-v2/app/services/dom-buffer.js b/ui-v2/app/services/dom-buffer.js
index 9c06b5b4ca16..88f66bffe033 100644
--- a/ui-v2/app/services/dom-buffer.js
+++ b/ui-v2/app/services/dom-buffer.js
@@ -1,28 +1,46 @@
 import Service from '@ember/service';
 import Evented from '@ember/object/evented';
-const buffer = {};
+let buffers;
+// TODO: This all should be replaced with {{#in-element}} if possible
 export default Service.extend(Evented, {
+  init: function() {
+    this._super(...arguments);
+    buffers = {};
+  },
+  willDestroy: function() {
+    Object.entries(buffers).forEach(function([key, items]) {
+      items.forEach(function(item) {
+        item.remove();
+      });
+    });
+    buffers = null;
+  },
   // TODO: Consider renaming this and/or
   // `delete`ing the buffer (but not the DOM element)
   // flush should flush, but maybe being able to re-flush
   // after you've flushed could be handy
   flush: function(name) {
-    return buffer[name];
+    return buffers[name];
   },
   add: function(name, dom) {
     this.trigger('add', dom);
-    if (typeof buffer[name] === 'undefined') {
-      buffer[name] = [];
+    if (typeof buffers[name] === 'undefined') {
+      buffers[name] = [];
     }
-    buffer[name].push(dom);
+    buffers[name].push(dom);
     return dom;
   },
-  remove: function(name) {
-    if (typeof buffer[name] !== 'undefined') {
-      buffer[name].forEach(function(item) {
+  remove: function(name, dom) {
+    if (typeof buffers[name] !== 'undefined') {
+      const buffer = buffers[name];
+      const i = buffer.findIndex(item => item === dom);
+      if (i !== -1) {
+        const item = buffer.splice(i, 1)[0];
         item.remove();
-      });
-      delete buffer[name];
+      }
+      if (buffer.length === 0) {
+        delete buffers[name];
+      }
     }
   },
 });
diff --git a/ui-v2/app/styles/base/components/form-elements/index.scss b/ui-v2/app/styles/base/components/form-elements/index.scss
index d2da88cf10a0..b09c43046485 100644
--- a/ui-v2/app/styles/base/components/form-elements/index.scss
+++ b/ui-v2/app/styles/base/components/form-elements/index.scss
@@ -8,6 +8,7 @@
 %form-element > span {
   @extend %form-element-label;
 }
+%form button + em,
 %form-element > em {
   @extend %form-element-note;
 }
diff --git a/ui-v2/app/styles/base/components/form-elements/layout.scss b/ui-v2/app/styles/base/components/form-elements/layout.scss
index 20ae6d73f325..cb5252d03d00 100644
--- a/ui-v2/app/styles/base/components/form-elements/layout.scss
+++ b/ui-v2/app/styles/base/components/form-elements/layout.scss
@@ -38,6 +38,10 @@
   min-height: 70px;
   padding: 6px 13px;
 }
+/* TODO: notes after buttons need less space, ideally they'd be the same */
+%form button + em {
+  margin-top: 0.5em;
+}
 %form-element-note {
   margin-top: 2px;
 }
diff --git a/ui-v2/app/styles/base/components/form-elements/skin.scss b/ui-v2/app/styles/base/components/form-elements/skin.scss
index ada9552333d5..13cb9cdaa818 100644
--- a/ui-v2/app/styles/base/components/form-elements/skin.scss
+++ b/ui-v2/app/styles/base/components/form-elements/skin.scss
@@ -1,9 +1,3 @@
-%form-element-note {
-  font-style: normal;
-}
-%form-element-label {
-  font-weight: $typo-weight-semibold;
-}
 %form-element-text-input {
   -moz-appearance: none;
   -webkit-appearance: none;
@@ -12,6 +6,8 @@
   border: $decor-border-100;
   outline: none;
 }
+%form fieldset > p,
+%form-element-note,
 %form-element-text-input::placeholder {
   color: $gray-400;
 }
@@ -20,7 +16,7 @@
 }
 %form-element-error > input,
 %form-element-error > textarea {
-  border-color: $color-failure !important;
+  border-color: var(--decor-error-500, $red-500) !important;
 }
 %form-element-text-input {
   color: $gray-500;
@@ -30,13 +26,10 @@
   border-color: $gray-500;
 }
 %form-element-text-input-focus {
-  border-color: $blue-500;
+  border-color: var(--typo-action-500, $blue-500);
 }
 %form-element-label {
-  color: $black;
-}
-%form-element-note {
-  color: $gray-400;
+  color: var(--typo-contrast-999, inherit);
 }
 %form-element-note > code {
   background-color: $gray-200;
diff --git a/ui-v2/app/styles/base/icons/base-variables.scss b/ui-v2/app/styles/base/icons/base-variables.scss
index e0d58c8689e3..885dbbadb8ba 100644
--- a/ui-v2/app/styles/base/icons/base-variables.scss
+++ b/ui-v2/app/styles/base/icons/base-variables.scss
@@ -7,7 +7,7 @@ $arrow-left-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24"
 $arrow-right-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><path d="M3 13h14.2l-3.6 3.6L15 18l6-6-6-6-1.4 1.4 3.6 3.6H3v2z" fill="%232eb039"/></svg>');
 $arrow-right-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M3 13h14.17l-3.58 3.59L15 18l6-6-6-6-1.41 1.41L17.17 11H3v2z" fill="%23000"/></svg>');
 $arrow-up-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M13 21V6.83l3.59 3.58L18 9l-6-6-6 6 1.41 1.41L11 6.83V21h2z" fill="%23000"/></svg>');
-$aws-logo-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg width="48" height="48" viewBox="0 0 48 48" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd"><path d="M13.574 22.395c0 .588.063 1.065.174 1.414.127.35.286.731.509 1.145.08.127.111.254.111.365 0 .16-.095.318-.302.477l-1.001.668a.762.762 0 0 1-.413.143c-.16 0-.318-.08-.477-.223a4.917 4.917 0 0 1-.572-.747c-.16-.27-.318-.572-.493-.938-1.24 1.463-2.797 2.194-4.673 2.194-1.335 0-2.4-.382-3.179-1.145-.779-.763-1.176-1.78-1.176-3.051 0-1.351.477-2.448 1.446-3.274.97-.827 2.257-1.24 3.895-1.24.54 0 1.096.047 1.684.127.588.08 1.192.207 1.828.35V17.5c0-1.209-.254-2.051-.747-2.544-.509-.492-1.367-.73-2.59-.73-.557 0-1.13.063-1.717.206-.588.143-1.16.318-1.717.54a4.56 4.56 0 0 1-.556.207.975.975 0 0 1-.254.047c-.223 0-.334-.158-.334-.492v-.779c0-.254.032-.445.111-.556.08-.112.223-.223.445-.334.556-.286 1.224-.525 2.003-.715a9.636 9.636 0 0 1 2.48-.302c1.89 0 3.273.429 4.164 1.287.874.858 1.319 2.162 1.319 3.91v5.15h.032zM7.12 24.81c.524 0 1.064-.096 1.637-.286.572-.191 1.08-.54 1.51-1.018.254-.302.445-.635.54-1.017.095-.381.159-.842.159-1.383v-.667c-.461-.112-.954-.207-1.462-.27a11.976 11.976 0 0 0-1.494-.096c-1.065 0-1.844.207-2.369.636-.524.43-.778 1.033-.778 1.828 0 .747.19 1.303.588 1.685.381.397.937.588 1.669.588zm12.762 1.716c-.286 0-.476-.048-.604-.159-.127-.095-.238-.318-.333-.62L15.21 13.462c-.096-.318-.143-.524-.143-.636 0-.254.127-.397.381-.397h1.558c.302 0 .508.048.62.16.127.094.222.317.317.619l2.67 10.522 2.48-10.522c.08-.318.175-.525.302-.62.127-.095.35-.159.636-.159h1.271c.302 0 .509.048.636.16.127.094.238.317.302.619l2.511 10.649 2.75-10.65c.095-.317.207-.524.318-.619.127-.095.334-.159.62-.159h1.478c.254 0 .397.127.397.397 0 .08-.016.16-.032.255a2.261 2.261 0 0 1-.11.397l-3.831 12.286c-.096.318-.207.525-.334.62-.127.095-.334.159-.604.159h-1.367c-.302 0-.509-.048-.636-.159s-.238-.318-.302-.636l-2.463-10.251-2.448 10.235c-.08.318-.175.525-.302.636-.127.111-.35.16-.636.16h-1.367zm20.424.43c-.826 0-1.653-.096-2.447-.287-.795-.19-1.415-.397-1.828-.636-.255-.143-.43-.302-.493-.445a1.122 1.122 0 0 1-.095-.445v-.81c0-.334.127-.493.365-.493a.9.9 0 0 1 .286.048c.096.032.239.095.398.159.54.238 1.128.429 1.748.556.636.127 1.256.19 1.891.19 1.002 0 1.78-.174 2.321-.524.54-.35.826-.858.826-1.51 0-.445-.143-.81-.429-1.112-.286-.302-.826-.573-1.605-.827l-2.305-.715c-1.16-.366-2.018-.906-2.543-1.621-.524-.7-.794-1.478-.794-2.305 0-.667.143-1.255.429-1.764a4.087 4.087 0 0 1 1.144-1.303 5.045 5.045 0 0 1 1.653-.827 6.927 6.927 0 0 1 2.003-.27c.35 0 .715.016 1.065.063.365.048.699.112 1.033.175.318.08.62.16.906.255.286.095.508.19.667.286.223.127.382.254.477.397.095.127.143.302.143.525v.747c0 .333-.127.508-.365.508-.128 0-.334-.063-.604-.19-.906-.414-1.924-.62-3.052-.62-.906 0-1.621.143-2.114.445-.493.302-.747.763-.747 1.414 0 .445.159.827.477 1.129.318.302.906.604 1.748.874l2.257.715c1.145.366 1.971.874 2.464 1.526.492.652.73 1.399.73 2.225 0 .684-.142 1.303-.412 1.844a4.275 4.275 0 0 1-1.16 1.398c-.493.398-1.081.684-1.765.89a7.558 7.558 0 0 1-2.273.334z" fill="%23252F3E" fill-rule="nonzero"/><path d="M43.311 34.68c-5.229 3.863-12.826 5.913-19.359 5.913-9.155 0-17.404-3.385-23.634-9.012-.493-.445-.048-1.049.54-.699 6.74 3.91 15.052 6.278 23.65 6.278 5.802 0 12.175-1.208 18.04-3.687.875-.398 1.622.572.763 1.208zm2.178-2.479c-.668-.858-4.419-.413-6.12-.206-.508.063-.588-.382-.127-.716 2.988-2.098 7.9-1.494 8.472-.794.572.715-.159 5.626-2.956 7.979-.43.365-.843.174-.652-.302.636-1.574 2.05-5.118 1.383-5.96z" fill="%23F90"/></g></svg>');
+$aws-logo-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd"><path d="M13.574 22.395c0 .588.063 1.065.174 1.414.127.35.286.731.509 1.145.08.127.111.254.111.365 0 .16-.095.318-.302.477l-1.001.668a.762.762 0 0 1-.413.143c-.16 0-.318-.08-.477-.223a4.917 4.917 0 0 1-.572-.747c-.16-.27-.318-.572-.493-.938-1.24 1.463-2.797 2.194-4.673 2.194-1.335 0-2.4-.382-3.179-1.145-.779-.763-1.176-1.78-1.176-3.051 0-1.351.477-2.448 1.446-3.274.97-.827 2.257-1.24 3.895-1.24.54 0 1.096.047 1.684.127.588.08 1.192.207 1.828.35V17.5c0-1.209-.254-2.051-.747-2.544-.509-.492-1.367-.73-2.59-.73-.557 0-1.13.063-1.717.206-.588.143-1.16.318-1.717.54a4.56 4.56 0 0 1-.556.207.975.975 0 0 1-.254.047c-.223 0-.334-.158-.334-.492v-.779c0-.254.032-.445.111-.556.08-.112.223-.223.445-.334.556-.286 1.224-.525 2.003-.715a9.636 9.636 0 0 1 2.48-.302c1.89 0 3.273.429 4.164 1.287.874.858 1.319 2.162 1.319 3.91v5.15h.032zM7.12 24.81c.524 0 1.064-.096 1.637-.286.572-.191 1.08-.54 1.51-1.018.254-.302.445-.635.54-1.017.095-.381.159-.842.159-1.383v-.667c-.461-.112-.954-.207-1.462-.27a11.976 11.976 0 0 0-1.494-.096c-1.065 0-1.844.207-2.369.636-.524.43-.778 1.033-.778 1.828 0 .747.19 1.303.588 1.685.381.397.937.588 1.669.588zm12.762 1.716c-.286 0-.476-.048-.604-.159-.127-.095-.238-.318-.333-.62L15.21 13.462c-.096-.318-.143-.524-.143-.636 0-.254.127-.397.381-.397h1.558c.302 0 .508.048.62.16.127.094.222.317.317.619l2.67 10.522 2.48-10.522c.08-.318.175-.525.302-.62.127-.095.35-.159.636-.159h1.271c.302 0 .509.048.636.16.127.094.238.317.302.619l2.511 10.649 2.75-10.65c.095-.317.207-.524.318-.619.127-.095.334-.159.62-.159h1.478c.254 0 .397.127.397.397 0 .08-.016.16-.032.255a2.261 2.261 0 0 1-.11.397l-3.831 12.286c-.096.318-.207.525-.334.62-.127.095-.334.159-.604.159h-1.367c-.302 0-.509-.048-.636-.159s-.238-.318-.302-.636l-2.463-10.251-2.448 10.235c-.08.318-.175.525-.302.636-.127.111-.35.16-.636.16h-1.367zm20.424.43c-.826 0-1.653-.096-2.447-.287-.795-.19-1.415-.397-1.828-.636-.255-.143-.43-.302-.493-.445a1.122 1.122 0 0 1-.095-.445v-.81c0-.334.127-.493.365-.493a.9.9 0 0 1 .286.048c.096.032.239.095.398.159.54.238 1.128.429 1.748.556.636.127 1.256.19 1.891.19 1.002 0 1.78-.174 2.321-.524.54-.35.826-.858.826-1.51 0-.445-.143-.81-.429-1.112-.286-.302-.826-.573-1.605-.827l-2.305-.715c-1.16-.366-2.018-.906-2.543-1.621-.524-.7-.794-1.478-.794-2.305 0-.667.143-1.255.429-1.764a4.087 4.087 0 0 1 1.144-1.303 5.045 5.045 0 0 1 1.653-.827 6.927 6.927 0 0 1 2.003-.27c.35 0 .715.016 1.065.063.365.048.699.112 1.033.175.318.08.62.16.906.255.286.095.508.19.667.286.223.127.382.254.477.397.095.127.143.302.143.525v.747c0 .333-.127.508-.365.508-.128 0-.334-.063-.604-.19-.906-.414-1.924-.62-3.052-.62-.906 0-1.621.143-2.114.445-.493.302-.747.763-.747 1.414 0 .445.159.827.477 1.129.318.302.906.604 1.748.874l2.257.715c1.145.366 1.971.874 2.464 1.526.492.652.73 1.399.73 2.225 0 .684-.142 1.303-.412 1.844a4.275 4.275 0 0 1-1.16 1.398c-.493.398-1.081.684-1.765.89a7.558 7.558 0 0 1-2.273.334z" fill="%23252F3E" fill-rule="nonzero"/><path d="M43.311 34.68c-5.229 3.863-12.826 5.913-19.359 5.913-9.155 0-17.404-3.385-23.634-9.012-.493-.445-.048-1.049.54-.699 6.74 3.91 15.052 6.278 23.65 6.278 5.802 0 12.175-1.208 18.04-3.687.875-.398 1.622.572.763 1.208zm2.178-2.479c-.668-.858-4.419-.413-6.12-.206-.508.063-.588-.382-.127-.716 2.988-2.098 7.9-1.494 8.472-.794.572.715-.159 5.626-2.956 7.979-.43.365-.843.174-.652-.302.636-1.574 2.05-5.118 1.383-5.96z" fill="%23F90"/></g></svg>');
 $bolt-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M13 2L6 14h5v8l7-12h-5V2z" fill="%23000"/></svg>');
 $box-check-fill-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M19 3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V5a2 2 0 0 0-2-2zm-9 14l-5-5 1.41-1.41L10 14.17l7.59-7.59L19 8l-9 9z" fill="%23000"/></svg>');
 $box-outline-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M19 5v14H5V5h14zm0-2H5c-1.1 0-2 .9-2 2v14c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V5c0-1.1-.9-2-2-2z" fill="%23000"/></svg>');
@@ -86,6 +86,7 @@ $lock-disabled-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 2
 $lock-open-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M18 8h-1V6c0-2.76-2.24-5-5-5S7 3.24 7 6h1.9c0-1.71 1.39-3.1 3.1-3.1 1.71 0 3.1 1.39 3.1 3.1v2H6c-1.1 0-2 .9-2 2v10c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2zm0 12H6V10h12v10zm-3.876-6.233H9.473l2.318 3.938 2.333-3.938z" fill="%23000"/></svg>');
 $logo-alicloud-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M13.488 6.072c0 .131.426 1.745.473 1.783.014.021 1.044.248 2.271.504 1.227.256 2.326.517 2.423.57.132.074.243.18.322.307.12.203.136.423.136 2.774 0 2.352-.015 2.572-.136 2.777a.96.96 0 0 1-.322.306c-.097.051-1.185.307-2.423.57-1.237.263-2.249.487-2.271.51-.047.044-.466 1.65-.473 1.781 0 .082.54.096 2.91.074 3.27-.029 3.307-.036 4.139-.581a3.356 3.356 0 0 0 1.29-1.644c.172-.49.172-.534.172-3.78 0-3.245 0-3.293-.171-3.779a3.339 3.339 0 0 0-1.291-1.642c-.832-.548-.869-.556-4.14-.582-2.37-.036-2.91-.026-2.91.052zM10.512 17.965c0-.13-.427-1.744-.473-1.782-.015-.022-1.045-.249-2.272-.505-1.227-.255-2.325-.517-2.422-.57a.885.885 0 0 1-.323-.306c-.12-.204-.135-.423-.135-2.775s.015-2.571.135-2.776a.96.96 0 0 1 .323-.307c.097-.05 1.185-.307 2.422-.57 1.237-.263 2.25-.487 2.272-.509.046-.045.466-1.65.473-1.782 0-.081-.54-.096-2.91-.074-3.27.03-3.308.036-4.14.582a3.356 3.356 0 0 0-1.29 1.644C2 8.725 2 8.768 2 12.014s0 3.294.172 3.78a3.34 3.34 0 0 0 1.29 1.642c.832.548.87.555 4.14.581 2.37.037 2.91.027 2.91-.052z" fill="%23373C41"/><path fill="%23373C41" d="M9.917 11.681h4.167v.812H9.917z"/></svg>');
 $logo-alicloud-monochrome-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M10.512 17.965c0-.13-.427-1.744-.473-1.782-.015-.022-1.045-.249-2.272-.505-1.227-.255-2.325-.517-2.422-.57a.884.884 0 0 1-.323-.306c-.12-.204-.135-.423-.135-2.775s.014-2.571.135-2.776a.96.96 0 0 1 .323-.307c.097-.051 1.185-.307 2.422-.57 1.237-.263 2.25-.487 2.272-.509.046-.045.466-1.65.473-1.782 0-.081-.54-.096-2.91-.074-3.27.03-3.308.036-4.14.582a3.355 3.355 0 0 0-1.29 1.644C2 8.725 2 8.768 2 12.014s0 3.294.172 3.78a3.34 3.34 0 0 0 1.29 1.642c.832.548.87.555 4.14.581 2.37.037 2.91.027 2.91-.052zm2.976-11.893c0 .131.426 1.745.473 1.783.014.021 1.044.248 2.271.504 1.227.256 2.326.517 2.423.57.132.074.243.18.322.307.12.203.136.422.136 2.774s-.015 2.572-.136 2.777a.96.96 0 0 1-.322.306c-.097.051-1.185.307-2.423.57-1.237.263-2.249.487-2.271.51-.047.044-.466 1.65-.473 1.781 0 .082.54.096 2.91.074 3.27-.029 3.307-.036 4.139-.581a3.356 3.356 0 0 0 1.29-1.644c.172-.49.172-.534.172-3.78 0-3.245 0-3.293-.171-3.779a3.34 3.34 0 0 0-1.291-1.642c-.832-.548-.869-.556-4.14-.582-2.37-.036-2.91-.026-2.91.052zm.595 5.61H9.917v.81h4.166v-.81z" fill="%23000"/></svg>');
+$logo-auth0-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M19.805 8.562L17.983 3h-5.885l1.82 5.562h5.887zM12.098 3H6.214L4.396 8.562h5.885L12.098 3zM4.396 8.562a8.003 8.003 0 000 4.975 8.053 8.053 0 002.942 4.025L9.157 12l-4.76-3.438zm15.406 0L15.038 12l1.818 5.562a8.053 8.053 0 002.946-4.024c.53-1.616.53-3.358.003-4.976h-.003zm-12.464 9L12.1 21l4.76-3.438-4.76-3.438-4.76 3.438z" fill="%23EB5424"/></svg>');
 $logo-aws-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M17.775 12.113c.331.08.675.119 1.02.119.337 0 .649-.047.947-.14.284-.085.53-.205.735-.37.205-.16.364-.358.483-.583.113-.225.172-.483.172-.768 0-.345-.099-.656-.304-.927-.206-.272-.55-.484-1.027-.636l-.94-.298c-.351-.113-.596-.238-.729-.364a.625.625 0 0 1-.198-.47c0-.272.106-.464.311-.59.205-.126.503-.185.88-.185.471 0 .895.086 1.272.258.113.053.199.08.252.08.1 0 .152-.073.152-.213v-.31a.356.356 0 0 0-.06-.22.572.572 0 0 0-.198-.165 1.448 1.448 0 0 0-.278-.12 5.14 5.14 0 0 0-.378-.105c-.139-.027-.278-.053-.43-.073a3.325 3.325 0 0 0-.444-.026c-.291 0-.57.033-.834.112a2.1 2.1 0 0 0-.689.345 1.704 1.704 0 0 0-.477.543c-.119.212-.179.457-.179.735 0 .344.113.669.332.96.218.298.576.523 1.06.675l.96.298c.324.106.55.219.668.345.12.126.18.278.18.463 0 .272-.12.484-.345.63-.225.145-.55.218-.967.218-.265 0-.523-.026-.788-.08a3.606 3.606 0 0 1-.729-.231l-.067-.028c-.039-.016-.073-.03-.098-.038a.376.376 0 0 0-.12-.02c-.099 0-.152.066-.152.205v.338c0 .06.014.126.04.185.026.06.1.126.205.186.172.099.43.185.762.265zM7.728 10.92a2.003 2.003 0 0 1-.072-.59h-.014V8.185c0-.728-.185-1.271-.55-1.629-.37-.357-.946-.536-1.734-.536-.365 0-.709.04-1.033.126-.325.08-.603.178-.835.298a.496.496 0 0 0-.185.139c-.033.046-.047.126-.047.232v.324c0 .14.047.205.14.205.026 0 .059-.006.105-.02a1.9 1.9 0 0 0 .232-.086c.232-.092.47-.165.715-.225s.484-.086.716-.086c.51 0 .867.1 1.079.305.205.205.311.556.311 1.06v.483a8.993 8.993 0 0 0-.761-.146 5.244 5.244 0 0 0-.702-.053c-.682 0-1.219.172-1.623.517-.404.344-.602.801-.602 1.364 0 .53.165.954.49 1.271.324.318.768.477 1.324.477.782 0 1.43-.304 1.947-.914.073.153.14.278.205.391.067.106.146.212.239.311.066.06.132.093.199.093.053 0 .112-.02.172-.06l.417-.278c.086-.066.126-.132.126-.198 0-.047-.013-.1-.047-.153a3.547 3.547 0 0 1-.212-.476zm-2.079.298c-.238.079-.464.119-.682.119-.305 0-.537-.08-.695-.245-.166-.16-.246-.391-.246-.702 0-.331.106-.583.325-.762.219-.179.543-.265.987-.265.205 0 .41.013.622.04.212.026.417.066.61.113v.278c0 .225-.027.417-.067.576-.04.159-.119.298-.225.424-.179.198-.39.344-.629.424zm4.636.834c-.12 0-.199-.02-.252-.066-.053-.04-.1-.133-.139-.258l-1.556-5.12a1.16 1.16 0 0 1-.06-.265c0-.106.053-.165.16-.165h.648c.126 0 .212.02.258.066.053.04.093.132.133.258l1.112 4.384 1.034-4.384c.033-.132.072-.218.125-.258a.456.456 0 0 1 .265-.066h.53c.126 0 .212.02.265.066.053.04.1.132.126.258l1.046 4.437 1.146-4.437c.04-.132.086-.218.132-.258a.432.432 0 0 1 .259-.066h.616c.105 0 .165.053.165.165a.536.536 0 0 1-.01.09l-.003.016a.949.949 0 0 1-.047.166l-1.596 5.12c-.04.131-.086.218-.139.257a.424.424 0 0 1-.251.067h-.57c-.126 0-.212-.02-.265-.067-.053-.046-.1-.132-.126-.264l-1.026-4.272-1.02 4.265c-.033.132-.073.218-.126.265-.053.046-.146.066-.265.066h-.57z" fill="%23252F3E"/><path fill-rule="evenodd" clip-rule="evenodd" d="M18.404 14.331c.709-.086 2.271-.271 2.55.086.278.351-.312 1.828-.576 2.484-.08.198.092.278.271.125 1.166-.98 1.47-3.026 1.232-3.324-.239-.291-2.285-.543-3.53.331-.192.14-.159.325.053.298zm-6.424 3.583c2.722 0 5.888-.854 8.066-2.464.358-.265.047-.668-.317-.503a19.665 19.665 0 0 1-7.517 1.536c-3.583 0-7.046-.986-9.854-2.615-.245-.146-.43.105-.226.29 2.596 2.345 6.034 3.756 9.848 3.756z" fill="%23F90"/></svg>');
 $logo-aws-monochrome-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M18.825 12.535c-.346 0-.692-.042-1.025-.125-.332-.084-.592-.174-.765-.278a.488.488 0 0 1-.206-.195.51.51 0 0 1-.04-.194v-.355c0-.146.053-.216.153-.216.04 0 .08.007.12.021l.098.04.068.03c.226.104.472.188.732.243.266.056.525.083.791.083.42 0 .745-.076.971-.229a.757.757 0 0 0 .346-.66.694.694 0 0 0-.18-.487c-.119-.132-.345-.25-.671-.361l-.964-.313c-.486-.16-.845-.397-1.065-.71a1.705 1.705 0 0 1-.332-1.008c0-.292.06-.549.18-.771.119-.223.279-.417.478-.57.2-.16.426-.278.692-.362.266-.083.545-.118.838-.118.146 0 .3.007.446.028.153.02.292.048.432.076.133.035.26.07.38.112.119.041.212.083.279.125.093.055.16.11.2.173.039.056.059.133.059.23v.327c0 .146-.053.222-.153.222a.67.67 0 0 1-.253-.083 2.93 2.93 0 0 0-1.277-.271c-.38 0-.678.062-.885.194-.206.132-.312.334-.312.619 0 .195.066.361.2.494.132.132.378.264.731.382l.945.313c.479.16.824.382 1.03.667.207.285.307.612.307.973 0 .3-.06.57-.173.807-.12.236-.28.445-.486.612a2.11 2.11 0 0 1-.738.389c-.3.097-.612.146-.951.146zM7.636 10.54c0 .257.027.466.073.619.054.152.12.32.213.5a.312.312 0 0 1 .047.16c0 .07-.04.139-.127.208l-.419.293a.31.31 0 0 1-.173.062c-.066 0-.133-.035-.2-.097a2.146 2.146 0 0 1-.239-.327 5.477 5.477 0 0 1-.206-.41c-.519.64-1.17.96-1.955.96-.56 0-1.005-.168-1.33-.501-.327-.334-.493-.779-.493-1.335 0-.591.2-1.07.605-1.432.406-.362.945-.543 1.63-.543.226 0 .459.021.705.056.246.035.499.09.765.153v-.508c0-.528-.106-.896-.313-1.112-.212-.215-.572-.32-1.084-.32-.233 0-.472.028-.718.09a5.135 5.135 0 0 0-.719.237 1.855 1.855 0 0 1-.232.09.392.392 0 0 1-.107.021c-.093 0-.14-.07-.14-.215v-.34c0-.112.014-.196.047-.244a.501.501 0 0 1 .186-.146c.233-.125.512-.23.838-.313.326-.09.672-.132 1.038-.132.792 0 1.37.188 1.743.563.366.375.552.946.552 1.71v2.253h.013zm-2.7 1.057c.22 0 .445-.042.685-.126a1.48 1.48 0 0 0 .632-.445 1.12 1.12 0 0 0 .226-.444c.04-.167.066-.369.066-.605v-.292a5.34 5.34 0 0 0-.612-.119 4.799 4.799 0 0 0-.625-.041c-.446 0-.772.09-.991.278-.22.188-.326.452-.326.8 0 .326.08.57.246.736.16.174.393.258.699.258zm5.088.68c.053.05.133.07.253.07h.572c.12 0 .213-.02.266-.07.053-.048.093-.138.127-.277l1.024-4.477 1.03 4.484c.027.139.074.23.127.278.053.048.14.07.266.07h.572c.114 0 .2-.029.253-.07.053-.042.1-.132.14-.271l1.603-5.374a1.03 1.03 0 0 0 .046-.174l.003-.018c.006-.034.01-.064.01-.093 0-.119-.06-.174-.165-.174h-.62a.42.42 0 0 0-.258.07c-.047.041-.094.131-.134.27l-1.15 4.658-1.051-4.658c-.027-.132-.074-.229-.127-.27-.053-.05-.14-.07-.266-.07h-.532a.443.443 0 0 0-.266.07c-.053.041-.093.131-.126.27l-1.038 4.603L9.465 6.52c-.04-.132-.08-.229-.133-.27-.046-.05-.133-.07-.259-.07h-.652c-.106 0-.16.062-.16.174 0 .048.02.139.06.278l1.563 5.374c.04.132.087.23.14.27zm10.969 2.552c-.28-.375-1.85-.18-2.561-.09-.213.028-.246-.167-.053-.313 1.25-.918 3.306-.653 3.545-.348.24.313-.066 2.462-1.237 3.49-.18.16-.353.077-.273-.132.266-.688.858-2.238.579-2.607zm-.911 1.085c-2.189 1.69-5.368 2.586-8.102 2.586-3.832 0-7.284-1.48-9.891-3.942-.207-.194-.02-.459.226-.306 2.82 1.71 6.299 2.746 9.898 2.746 2.428 0 5.095-.528 7.55-1.613.365-.173.678.25.319.529z" fill="%23000"/></svg>');
 $logo-azure-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M11.105 18.43l4.642-.82.043-.01-2.387-2.84a402.878 402.878 0 0 1-2.387-2.853c0-.014 2.465-6.802 2.479-6.826.004-.008 1.682 2.888 4.066 7.02l4.09 7.09.031.054-7.587-.001-7.587-.001 4.597-.812zM2 17.565c0-.004 1.125-1.957 2.5-4.34L7 8.893l2.913-2.445C11.515 5.104 12.83 4.002 12.836 4a.515.515 0 0 1-.047.118l-3.164 6.785-3.107 6.663-2.259.003c-1.242.002-2.259 0-2.259-.004z" fill="%230089D6"/></svg>');
@@ -100,6 +101,7 @@ $logo-gitlab-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0
 $logo-gitlab-monochrome-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M21.937 13.292l-1.12-3.364-2.213-6.672A.382.382 0 0 0 18.24 3a.382.382 0 0 0-.363.256l-2.215 6.668H8.307L6.092 3.256A.382.382 0 0 0 5.73 3a.382.382 0 0 0-.363.256l-2.21 6.668-1.12 3.368a.736.736 0 0 0 .276.833L11.986 21l9.67-6.875a.738.738 0 0 0 .28-.833z" fill="%23000"/></svg>');
 $logo-kubernetes-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M7.011 21.384c.306.397.759.616 1.238.616l7.508-.014c.479 0 .932-.233 1.238-.616l4.659-5.959a1.69 1.69 0 0 0 .306-1.397l-1.664-7.439a1.612 1.612 0 0 0-.865-1.11l-6.736-3.3A1.517 1.517 0 0 0 12.003 2c-.24 0-.48.055-.692.164L4.575 5.48c-.44.22-.759.617-.865 1.11l-1.664 7.438c-.12.494 0 1 .306 1.398l4.659 5.959zm12.154-8.145h.014c.253.07.408.295.408.464a.474.474 0 0 1-.45.324c-.043 0-.07 0-.113-.014-.014-.014-.028-.014-.042-.014-.014 0-.028-.004-.042-.007-.015-.004-.029-.007-.043-.007a1.357 1.357 0 0 1-.253-.099c-.021-.007-.042-.017-.063-.028-.021-.01-.043-.021-.064-.028h-.014c-.267-.099-.506-.183-.732-.211h-.028a.254.254 0 0 0-.142.047l-.04.023c-.008 0-.011.004-.015.007-.003.004-.007.007-.014.007l-.169-.028c-.14.436-.338.873-.591 1.267a5.453 5.453 0 0 1-1.858 1.816l.07.169c0 .007-.003.01-.007.014-.003.003-.007.007-.007.014l-.01.043a.31.31 0 0 0-.004.182c.067.2.196.399.34.622l.026.04v.014a.786.786 0 0 0 .042.056c.014.018.028.035.042.056.057.07.113.141.155.226.014.014.028.042.043.07 0 .007.003.01.007.014.003.004.007.007.007.014.056.113.056.24.028.352a.42.42 0 0 1-.211.253.375.375 0 0 1-.17.043.478.478 0 0 1-.422-.268s-.014-.014-.014-.028l-.02-.035c-.008-.01-.015-.021-.022-.035a.9.9 0 0 1-.06-.17l-.024-.084-.043-.127v-.014l-.023-.062a4.334 4.334 0 0 0-.272-.641.26.26 0 0 0-.183-.127c-.008-.008-.012-.012-.016-.013l-.012-.001-.085-.155c-.24.085-.478.155-.732.211a5.11 5.11 0 0 1-1.224.141 5.5 5.5 0 0 1-1.971-.366l-.099.183c-.008.008-.011.011-.015.013l-.013.001a.628.628 0 0 1-.036.017.29.29 0 0 0-.147.11c-.112.174-.18.37-.262.608l-.033.096-.043.126-.025.081c-.015.054-.03.107-.059.173a.307.307 0 0 0-.042.07s-.014.014-.014.028a.506.506 0 0 1-.423.268.375.375 0 0 1-.169-.043c-.21-.098-.295-.366-.183-.605 0 0 .015-.014.015-.028.014-.028.028-.056.042-.07l.041-.063c.038-.058.072-.11.114-.163l.042-.056a.783.783 0 0 0 .042-.056v-.014c.155-.24.282-.45.366-.662a.29.29 0 0 0-.028-.225c0-.007-.004-.01-.007-.014-.004-.004-.007-.007-.007-.014l.084-.183a5.706 5.706 0 0 1-.605-.409 5.567 5.567 0 0 1-1.844-2.646l-.197.028c-.007 0-.01-.003-.014-.007-.004-.003-.007-.007-.014-.007l-.01-.006c-.04-.028-.095-.064-.173-.064h-.028c-.226.028-.465.113-.732.211h-.014c-.022.007-.043.018-.064.028-.02.01-.042.021-.063.028-.085.043-.155.07-.253.099a.173.173 0 0 0-.043.007c-.014.003-.028.007-.042.007 0 .014-.014.014-.028.014-.042.014-.07.014-.113.014-.225 0-.408-.127-.45-.324a.462.462 0 0 1 .366-.52c.014-.015.028-.015.042-.015a.177.177 0 0 0 .042-.007.173.173 0 0 1 .043-.007l.036-.005a1.61 1.61 0 0 1 .231-.023c.042-.014.099-.014.14-.014h.015c.295-.028.549-.056.76-.127a.327.327 0 0 0 .155-.154c0-.008.003-.011.007-.014.003-.004.007-.008.007-.015l.183-.056a5.482 5.482 0 0 1 .788-3.716.277.277 0 0 1 .046-.078.836.836 0 0 0 .025-.035l-.141-.126v-.028c0-.07 0-.141-.07-.212-.162-.148-.363-.27-.602-.417l-.032-.019c-.042-.028-.085-.056-.127-.07a2.12 2.12 0 0 1-.239-.141c-.014-.007-.025-.018-.035-.028a.138.138 0 0 0-.035-.028c-.007 0-.011-.004-.014-.007-.004-.004-.008-.007-.015-.007-.197-.17-.239-.45-.098-.634a.4.4 0 0 1 .324-.155c.112 0 .225.042.31.113 0 .009.005.012.012.016l.015.012c.017.016.033.028.047.038.01.007.018.012.024.018.07.07.127.127.183.197.029.02.051.045.071.069a3.733 3.733 0 0 0 .59.55.227.227 0 0 0 .127.043.177.177 0 0 0 .042-.007c.014-.004.029-.007.043-.007h.028l.14.098a5.426 5.426 0 0 1 3.548-1.689l.014-.183.028-.028.016-.016c.04-.037.084-.08.097-.167.022-.18 0-.376-.024-.591a14.75 14.75 0 0 1-.019-.169v-.014c-.006-.026-.01-.049-.013-.07a.418.418 0 0 0-.015-.07.818.818 0 0 1-.042-.268V4.82c0-.127.042-.24.127-.324a.452.452 0 0 1 .31-.14c.239 0 .436.21.436.464v.127c-.014.098-.029.183-.043.267a.503.503 0 0 0-.028.141v.014l-.005.056c-.027.26-.05.494-.037.704.012.087.057.13.097.168l.016.015.028.028.014.183a5.621 5.621 0 0 1 2.942 1.169c.197.169.394.338.577.535l.169-.113h.028c.028.014.056.014.084.014a.227.227 0 0 0 .127-.042c.183-.127.366-.296.563-.507a.363.363 0 0 0 .072-.068.511.511 0 0 1 .027-.03c.056-.07.112-.127.183-.198a.136.136 0 0 0 .035-.028c.01-.01.021-.02.035-.028l.028-.028a.523.523 0 0 1 .31-.113.4.4 0 0 1 .324.155c.14.183.098.465-.099.634 0 .008-.005.012-.013.016-.004.003-.01.006-.015.012-.017.016-.033.028-.047.038a2.111 2.111 0 0 1-.263.16c-.02.013-.042.024-.063.034-.021.01-.042.021-.063.035l-.032.02c-.24.146-.44.268-.602.417a.318.318 0 0 0-.07.21v.029l-.14.127c.365.563.633 1.182.787 1.844a5.57 5.57 0 0 1 .099 1.984l.183.057c0 .007.003.01.007.014.003.003.007.007.007.014a.274.274 0 0 0 .155.155c.225.07.464.098.76.126h.014c.056.014.099.014.14.014.075 0 .148.011.231.023l.037.006c.014 0 .028.003.042.007a.178.178 0 0 0 .043.007c0 .014.014.014.028.014zm-7.123-.394l.62-.296.14-.662-.422-.535h-.69l-.422.535.155.662.62.296zm4.293-1.76c.113.479.141.957.099 1.422l-2.154-.62a.382.382 0 0 1-.267-.45.335.335 0 0 1 .084-.155l1.704-1.534c.239.394.422.844.534 1.337zm-3.054-.873l1.844-1.309A4.272 4.272 0 0 0 12.59 7.68l.127 2.294c.014.056.028.113.07.155a.375.375 0 0 0 .493.084zM11.043 7.75l.225-.042.225-.042-.126 2.252a.385.385 0 0 1-.38.366.335.335 0 0 1-.17-.042L8.946 8.902a4.294 4.294 0 0 1 2.098-1.154zm-1.098 3.49L8.27 9.749a4.532 4.532 0 0 0-.634 2.759l2.182-.634a.28.28 0 0 0 .17-.112.375.375 0 0 0-.043-.521zM7.89 13.563l2.238-.38a.38.38 0 0 1 .394.296.401.401 0 0 1-.014.225l-.859 2.07a4.437 4.437 0 0 1-1.76-2.21zm4.152 2.914c.338 0 .662-.042.986-.112.062-.02.124-.035.185-.05.077-.02.152-.04.223-.063l-1.084-1.957a.599.599 0 0 0-.169-.154c-.155-.085-.338-.029-.45.098l-1.113 2.013c.451.14.93.225 1.422.225zm3.73-2.069a4.467 4.467 0 0 1-1.35 1.365l-.888-2.125a.379.379 0 0 1 .197-.436.449.449 0 0 1 .197-.043l2.253.38a2.83 2.83 0 0 1-.409.859z" fill="%23326DE6"/><mask id="a" maskUnits="userSpaceOnUse" x="2" y="2" width="20" height="20"><path fill-rule="evenodd" clip-rule="evenodd" d="M7.011 21.384c.306.397.759.616 1.238.616l7.508-.014c.479 0 .932-.233 1.238-.616l4.659-5.959a1.69 1.69 0 0 0 .306-1.397l-1.664-7.439a1.612 1.612 0 0 0-.865-1.11l-6.736-3.3A1.517 1.517 0 0 0 12.003 2c-.24 0-.48.055-.692.164L4.575 5.48c-.44.22-.759.617-.865 1.11l-1.664 7.438c-.12.494 0 1 .306 1.398l4.659 5.959zm12.154-8.145h.014c.253.07.408.295.408.464a.474.474 0 0 1-.45.324c-.043 0-.07 0-.113-.014-.014-.014-.028-.014-.042-.014-.014 0-.028-.004-.042-.007-.015-.004-.029-.007-.043-.007a1.357 1.357 0 0 1-.253-.099c-.021-.007-.042-.017-.063-.028-.021-.01-.043-.021-.064-.028h-.014c-.267-.099-.506-.183-.732-.211h-.028a.254.254 0 0 0-.142.047l-.04.023c-.008 0-.011.004-.015.007-.003.004-.007.007-.014.007l-.169-.028c-.14.436-.338.873-.591 1.267a5.453 5.453 0 0 1-1.858 1.816l.07.169c0 .007-.003.01-.007.014-.003.003-.007.007-.007.014l-.01.043a.31.31 0 0 0-.004.182c.067.2.196.399.34.622l.026.04v.014a.786.786 0 0 0 .042.056c.014.018.028.035.042.056.057.07.113.141.155.226.014.014.028.042.043.07 0 .007.003.01.007.014.003.004.007.007.007.014.056.113.056.24.028.352a.42.42 0 0 1-.211.253.375.375 0 0 1-.17.043.478.478 0 0 1-.422-.268s-.014-.014-.014-.028l-.02-.035c-.008-.01-.015-.021-.022-.035a.9.9 0 0 1-.06-.17l-.024-.084-.043-.127v-.014l-.023-.062a4.334 4.334 0 0 0-.272-.641.26.26 0 0 0-.183-.127c-.008-.008-.012-.012-.016-.013l-.012-.001-.085-.155c-.24.085-.478.155-.732.211a5.11 5.11 0 0 1-1.224.141 5.5 5.5 0 0 1-1.971-.366l-.099.183c-.008.008-.011.011-.015.013l-.013.001a.628.628 0 0 1-.036.017.29.29 0 0 0-.147.11c-.112.174-.18.37-.262.608l-.033.096-.043.126-.025.081c-.015.054-.03.107-.059.173a.307.307 0 0 0-.042.07s-.014.014-.014.028a.506.506 0 0 1-.423.268.375.375 0 0 1-.169-.043c-.21-.098-.295-.366-.183-.605 0 0 .015-.014.015-.028.014-.028.028-.056.042-.07l.041-.063c.038-.058.072-.11.114-.163l.042-.056a.783.783 0 0 0 .042-.056v-.014c.155-.24.282-.45.366-.662a.29.29 0 0 0-.028-.225c0-.007-.004-.01-.007-.014-.004-.004-.007-.007-.007-.014l.084-.183a5.706 5.706 0 0 1-.605-.409 5.567 5.567 0 0 1-1.844-2.646l-.197.028c-.007 0-.01-.003-.014-.007-.004-.003-.007-.007-.014-.007l-.01-.006c-.04-.028-.095-.064-.173-.064h-.028c-.226.028-.465.113-.732.211h-.014c-.022.007-.043.018-.064.028-.02.01-.042.021-.063.028-.085.043-.155.07-.253.099a.173.173 0 0 0-.043.007c-.014.003-.028.007-.042.007 0 .014-.014.014-.028.014-.042.014-.07.014-.113.014-.225 0-.408-.127-.45-.324a.462.462 0 0 1 .366-.52c.014-.015.028-.015.042-.015a.177.177 0 0 0 .042-.007.173.173 0 0 1 .043-.007l.036-.005a1.61 1.61 0 0 1 .231-.023c.042-.014.099-.014.14-.014h.015c.295-.028.549-.056.76-.127a.327.327 0 0 0 .155-.154c0-.008.003-.011.007-.014.003-.004.007-.008.007-.015l.183-.056a5.482 5.482 0 0 1 .788-3.716.277.277 0 0 1 .046-.078.836.836 0 0 0 .025-.035l-.141-.126v-.028c0-.07 0-.141-.07-.212-.162-.148-.363-.27-.602-.417l-.032-.019c-.042-.028-.085-.056-.127-.07a2.12 2.12 0 0 1-.239-.141c-.014-.007-.025-.018-.035-.028a.138.138 0 0 0-.035-.028c-.007 0-.011-.004-.014-.007-.004-.004-.008-.007-.015-.007-.197-.17-.239-.45-.098-.634a.4.4 0 0 1 .324-.155c.112 0 .225.042.31.113 0 .009.005.012.012.016l.015.012c.017.016.033.028.047.038.01.007.018.012.024.018.07.07.127.127.183.197.029.02.051.045.071.069a3.733 3.733 0 0 0 .59.55.227.227 0 0 0 .127.043.177.177 0 0 0 .042-.007c.014-.004.029-.007.043-.007h.028l.14.098a5.426 5.426 0 0 1 3.548-1.689l.014-.183.028-.028.016-.016c.04-.037.084-.08.097-.167.022-.18 0-.376-.024-.591a14.75 14.75 0 0 1-.019-.169v-.014c-.006-.026-.01-.049-.013-.07a.418.418 0 0 0-.015-.07.818.818 0 0 1-.042-.268V4.82c0-.127.042-.24.127-.324a.452.452 0 0 1 .31-.14c.239 0 .436.21.436.464v.127c-.014.098-.029.183-.043.267a.503.503 0 0 0-.028.141v.014l-.005.056c-.027.26-.05.494-.037.704.012.087.057.13.097.168l.016.015.028.028.014.183a5.621 5.621 0 0 1 2.942 1.169c.197.169.394.338.577.535l.169-.113h.028c.028.014.056.014.084.014a.227.227 0 0 0 .127-.042c.183-.127.366-.296.563-.507a.363.363 0 0 0 .072-.068.511.511 0 0 1 .027-.03c.056-.07.112-.127.183-.198a.136.136 0 0 0 .035-.028c.01-.01.021-.02.035-.028l.028-.028a.523.523 0 0 1 .31-.113.4.4 0 0 1 .324.155c.14.183.098.465-.099.634 0 .008-.005.012-.013.016-.004.003-.01.006-.015.012-.017.016-.033.028-.047.038a2.111 2.111 0 0 1-.263.16c-.02.013-.042.024-.063.034-.021.01-.042.021-.063.035l-.032.02c-.24.146-.44.268-.602.417a.318.318 0 0 0-.07.21v.029l-.14.127c.365.563.633 1.182.787 1.844a5.57 5.57 0 0 1 .099 1.984l.183.057c0 .007.003.01.007.014.003.003.007.007.007.014a.274.274 0 0 0 .155.155c.225.07.464.098.76.126h.014c.056.014.099.014.14.014.075 0 .148.011.231.023l.037.006c.014 0 .028.003.042.007a.178.178 0 0 0 .043.007c0 .014.014.014.028.014zm-7.123-.394l.62-.296.14-.662-.422-.535h-.69l-.422.535.155.662.62.296zm4.293-1.76c.113.479.141.957.099 1.422l-2.154-.62a.382.382 0 0 1-.267-.45.335.335 0 0 1 .084-.155l1.704-1.534c.239.394.422.844.534 1.337zm-3.054-.873l1.844-1.309A4.272 4.272 0 0 0 12.59 7.68l.127 2.294c.014.056.028.113.07.155a.375.375 0 0 0 .493.084zM11.043 7.75l.225-.042.225-.042-.126 2.252a.385.385 0 0 1-.38.366.335.335 0 0 1-.17-.042L8.946 8.902a4.294 4.294 0 0 1 2.098-1.154zm-1.098 3.49L8.27 9.749a4.532 4.532 0 0 0-.634 2.759l2.182-.634a.28.28 0 0 0 .17-.112.375.375 0 0 0-.043-.521zM7.89 13.563l2.238-.38a.38.38 0 0 1 .394.296.401.401 0 0 1-.014.225l-.859 2.07a4.437 4.437 0 0 1-1.76-2.21zm4.152 2.914c.338 0 .662-.042.986-.112.062-.02.124-.035.185-.05.077-.02.152-.04.223-.063l-1.084-1.957a.599.599 0 0 0-.169-.154c-.155-.085-.338-.029-.45.098l-1.113 2.013c.451.14.93.225 1.422.225zm3.73-2.069a4.467 4.467 0 0 1-1.35 1.365l-.888-2.125a.379.379 0 0 1 .197-.436.449.449 0 0 1 .197-.043l2.253.38a2.83 2.83 0 0 1-.409.859z" fill="%23fff"/></mask></svg>');
 $logo-kubernetes-monochrome-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M7.011 21.384c.306.397.759.616 1.238.616l7.508-.014c.479 0 .932-.233 1.238-.616l4.659-5.959a1.69 1.69 0 0 0 .306-1.397l-1.664-7.439a1.612 1.612 0 0 0-.865-1.11l-6.736-3.3A1.517 1.517 0 0 0 12.003 2c-.24 0-.48.055-.692.164L4.575 5.48c-.44.22-.759.617-.865 1.11l-1.664 7.438c-.12.494 0 1 .306 1.398l4.659 5.959zm12.154-8.145h.014c.253.07.408.295.408.464a.474.474 0 0 1-.45.324c-.043 0-.07 0-.113-.014-.014-.014-.028-.014-.042-.014-.014 0-.028-.004-.042-.007-.015-.004-.029-.007-.043-.007a1.357 1.357 0 0 1-.253-.099c-.021-.007-.042-.017-.063-.028-.021-.01-.043-.021-.064-.028h-.014c-.267-.099-.506-.183-.732-.211h-.028a.254.254 0 0 0-.142.047l-.04.023c-.008 0-.011.004-.015.007-.003.004-.007.007-.014.007l-.169-.028c-.14.436-.338.873-.591 1.267a5.453 5.453 0 0 1-1.858 1.816l.07.169c0 .007-.003.01-.007.014-.003.003-.007.007-.007.014l-.01.043a.31.31 0 0 0-.004.182c.067.2.196.399.34.622l.026.04v.014a.786.786 0 0 0 .042.056c.014.018.028.035.042.056.057.07.113.141.155.226.014.014.028.042.043.07 0 .007.003.01.007.014.003.004.007.007.007.014.056.113.056.24.028.352a.42.42 0 0 1-.211.253.375.375 0 0 1-.17.043.478.478 0 0 1-.422-.268s-.014-.014-.014-.028l-.02-.035c-.008-.01-.015-.021-.022-.035a.9.9 0 0 1-.06-.17l-.024-.084-.043-.127v-.014l-.023-.062a4.334 4.334 0 0 0-.272-.641.26.26 0 0 0-.183-.127c-.008-.008-.012-.012-.016-.013l-.012-.001-.085-.155c-.24.085-.478.155-.732.211a5.11 5.11 0 0 1-1.224.141 5.5 5.5 0 0 1-1.971-.366l-.099.183c-.008.008-.011.011-.015.013l-.013.001a.628.628 0 0 1-.036.017.29.29 0 0 0-.147.11c-.112.174-.18.37-.262.608l-.033.096-.043.126-.025.081c-.015.054-.03.107-.059.173a.307.307 0 0 0-.042.07s-.014.014-.014.028a.506.506 0 0 1-.423.268.375.375 0 0 1-.169-.043c-.21-.098-.295-.366-.183-.605 0 0 .015-.014.015-.028.014-.028.028-.056.042-.07l.041-.063c.038-.058.072-.11.114-.163l.042-.056a.783.783 0 0 0 .042-.056v-.014c.155-.24.282-.45.366-.662a.29.29 0 0 0-.028-.225c0-.007-.004-.01-.007-.014-.004-.004-.007-.007-.007-.014l.084-.183a5.706 5.706 0 0 1-.605-.409 5.567 5.567 0 0 1-1.844-2.646l-.197.028c-.007 0-.01-.003-.014-.007-.004-.003-.007-.007-.014-.007l-.01-.006c-.04-.028-.095-.064-.173-.064h-.028c-.226.028-.465.113-.732.211h-.014c-.022.007-.043.018-.064.028-.02.01-.042.021-.063.028-.085.043-.155.07-.253.099a.173.173 0 0 0-.043.007c-.014.003-.028.007-.042.007 0 .014-.014.014-.028.014-.042.014-.07.014-.113.014-.225 0-.408-.127-.45-.324a.462.462 0 0 1 .366-.52c.014-.015.028-.015.042-.015a.177.177 0 0 0 .042-.007.173.173 0 0 1 .043-.007l.036-.005a1.61 1.61 0 0 1 .231-.023c.042-.014.099-.014.14-.014h.015c.295-.028.549-.056.76-.127a.327.327 0 0 0 .155-.154c0-.008.003-.011.007-.014.003-.004.007-.008.007-.015l.183-.056a5.482 5.482 0 0 1 .788-3.716.277.277 0 0 1 .046-.078.836.836 0 0 0 .025-.035l-.141-.126v-.028c0-.07 0-.141-.07-.212-.162-.148-.363-.27-.602-.417l-.032-.019c-.042-.028-.085-.056-.127-.07a2.12 2.12 0 0 1-.239-.141c-.014-.007-.025-.018-.035-.028a.138.138 0 0 0-.035-.028c-.007 0-.011-.004-.014-.007-.004-.004-.008-.007-.015-.007-.197-.17-.239-.45-.098-.634a.4.4 0 0 1 .324-.155c.112 0 .225.042.31.113 0 .009.005.012.012.016l.015.012c.017.016.033.028.047.038.01.007.018.012.024.018.07.07.127.127.183.197.029.02.051.045.071.069a3.733 3.733 0 0 0 .59.55.227.227 0 0 0 .127.043.177.177 0 0 0 .042-.007c.014-.004.029-.007.043-.007h.028l.14.098a5.426 5.426 0 0 1 3.548-1.689l.014-.183.028-.028.016-.016c.04-.037.084-.08.097-.167.022-.18 0-.376-.024-.591a14.75 14.75 0 0 1-.019-.169v-.014c-.006-.026-.01-.049-.013-.07a.418.418 0 0 0-.015-.07.818.818 0 0 1-.042-.268V4.82c0-.127.042-.24.127-.324a.452.452 0 0 1 .31-.14c.239 0 .436.21.436.464v.127c-.014.098-.029.183-.043.267a.503.503 0 0 0-.028.141v.014l-.005.056c-.027.26-.05.494-.037.704.012.087.057.13.097.168l.016.015.028.028.014.183a5.621 5.621 0 0 1 2.942 1.169c.197.169.394.338.577.535l.169-.113h.028c.028.014.056.014.084.014a.227.227 0 0 0 .127-.042c.183-.127.366-.296.563-.507a.363.363 0 0 0 .072-.068.511.511 0 0 1 .027-.03c.056-.07.112-.127.183-.198a.136.136 0 0 0 .035-.028c.01-.01.021-.02.035-.028l.028-.028a.523.523 0 0 1 .31-.113.4.4 0 0 1 .324.155c.14.183.098.465-.099.634 0 .008-.005.012-.013.016-.004.003-.01.006-.015.012-.017.016-.033.028-.047.038a2.111 2.111 0 0 1-.263.16c-.02.013-.042.024-.063.034-.021.01-.042.021-.063.035l-.032.02c-.24.146-.44.268-.602.417a.318.318 0 0 0-.07.21v.029l-.14.127c.365.563.633 1.182.787 1.844a5.57 5.57 0 0 1 .099 1.984l.183.057c0 .007.003.01.007.014.003.003.007.007.007.014a.274.274 0 0 0 .155.155c.225.07.464.098.76.126h.014c.056.014.099.014.14.014.075 0 .148.011.231.023l.037.006c.014 0 .028.003.042.007a.178.178 0 0 0 .043.007c0 .014.014.014.028.014zm-7.123-.394l.62-.296.14-.662-.422-.535h-.69l-.422.535.155.662.62.296zm4.293-1.76c.113.479.141.957.099 1.422l-2.154-.62a.382.382 0 0 1-.267-.45.335.335 0 0 1 .084-.155l1.704-1.534c.239.394.422.844.534 1.337zm-3.054-.873l1.844-1.309A4.272 4.272 0 0 0 12.59 7.68l.127 2.294c.014.056.028.113.07.155a.375.375 0 0 0 .493.084zM11.043 7.75l.225-.042.225-.042-.126 2.252a.385.385 0 0 1-.38.366.335.335 0 0 1-.17-.042L8.946 8.902a4.294 4.294 0 0 1 2.098-1.154zm-1.098 3.49L8.27 9.749a4.532 4.532 0 0 0-.634 2.759l2.182-.634a.28.28 0 0 0 .17-.112.375.375 0 0 0-.043-.521zM7.89 13.563l2.238-.38a.38.38 0 0 1 .394.296.401.401 0 0 1-.014.225l-.859 2.07a4.437 4.437 0 0 1-1.76-2.21zm4.152 2.914c.338 0 .662-.042.986-.112.062-.02.124-.035.185-.05.077-.02.152-.04.223-.063l-1.084-1.957a.599.599 0 0 0-.169-.154c-.155-.085-.338-.029-.45.098l-1.113 2.013c.451.14.93.225 1.422.225zm3.73-2.069a4.467 4.467 0 0 1-1.35 1.365l-.888-2.125a.379.379 0 0 1 .197-.436.449.449 0 0 1 .197-.043l2.253.38a2.83 2.83 0 0 1-.409.859z" fill="%23000"/></svg>');
+$logo-okta-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M3.019 9.528a3.019 3.019 0 100 6.037 3.019 3.019 0 000-6.037zM14.166 7.5c.192 0 .261.144.261.238l.003 1.527c0 .158.128.273.285.273h1.36c.107 0 .226.102.226.285v.956c0 .18-.138.261-.237.261h-1.35c-.162 0-.28.13-.28.29v1.233c0 .027-.004.054-.003.081a1.506 1.506 0 001.737 1.41.242.242 0 01.28.212l.108 1.011a.254.254 0 01-.22.278 3.02 3.02 0 01-3.422-2.909V7.733c0-.155.12-.232.248-.232h1.004zm5.654 2.028c.541 0 1.049.144 1.488.394v-.128c0-.155.135-.256.262-.256h1.006c.192 0 .262.162.262.256l.002 2.752v.01c.002 1.15.13 1.455.985 1.455.1 0 .175.1.175.2v1.074c0 .301-.645.28-.767.28-.712-.006-1.168-.293-1.452-.725a3.019 3.019 0 11-1.96-5.312zM8.062 7.5c.115 0 .258.065.258.24l.001 3.423c0 .245.3.363.467.183l1.606-1.73c.019-.018.046-.047.12-.068a.428.428 0 01.117-.01h1.233c.252 0 .326.279.21.422l-1.793 1.99c-.293.311-.32.43-.064.737l.117.123 2.256 2.312c.117.143.041.426-.204.426h-1.361a.502.502 0 01-.13-.012c-.073-.022-.089-.051-.108-.07-.007-.007-1.258-1.324-2.01-2.094a.266.266 0 00-.457.186v1.751c0 .117-.102.23-.258.23h-1.01c-.115 0-.26-.048-.26-.223V7.719c0-.103.085-.219.26-.219h1.01zm-5.043 3.537a1.51 1.51 0 110 3.02 1.51 1.51 0 010-3.02zm16.802 0a1.51 1.51 0 100 3.019 1.51 1.51 0 000-3.02z" fill="%23007DC1"/></svg>');
 $logo-oracle-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M2 12.316a6.32 6.32 0 0 0 6.326 6.316h7.348A6.32 6.32 0 0 0 22 12.316 6.32 6.32 0 0 0 15.674 6H8.326A6.32 6.32 0 0 0 2 12.316zm17.61 0a4.09 4.09 0 0 1-4.095 4.088H8.488a4.09 4.09 0 0 1-4.094-4.087A4.09 4.09 0 0 1 8.49 8.229h7.026a4.09 4.09 0 0 1 4.094 4.088z" fill="%23EA1B22"/></svg>');
 $logo-oracle-monochrome-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M2 12.316a6.32 6.32 0 0 0 6.326 6.316h7.348A6.32 6.32 0 0 0 22 12.316 6.32 6.32 0 0 0 15.674 6H8.326A6.32 6.32 0 0 0 2 12.316zm17.61 0a4.09 4.09 0 0 1-4.095 4.088H8.488a4.09 4.09 0 0 1-4.094-4.087A4.09 4.09 0 0 1 8.49 8.229h7.026a4.09 4.09 0 0 1 4.094 4.088z" fill="%23000"/></svg>');
 $logo-slack-color-svg: url('data:image/svg+xml;charset=UTF-8,<svg viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg"><path fill-rule="evenodd" clip-rule="evenodd" d="M4.177 16.694a2.085 2.085 0 0 0 2.081-2.081v-2.08H4.177a2.085 2.085 0 0 0-2.08 2.08 2.085 2.085 0 0 0 2.08 2.08zm5.21-4.161a2.085 2.085 0 0 0-2.08 2.08v5.21a2.086 2.086 0 0 0 2.08 2.08 2.086 2.086 0 0 0 2.08-2.08v-5.21a2.085 2.085 0 0 0-2.08-2.08z" fill="%23E01E5A"/><path fill-rule="evenodd" clip-rule="evenodd" d="M7.306 4.178a2.085 2.085 0 0 0 2.081 2.08h2.08V4.177a2.085 2.085 0 0 0-2.08-2.08 2.085 2.085 0 0 0-2.08 2.08zm4.161 5.209a2.086 2.086 0 0 0-2.08-2.08h-5.21a2.085 2.085 0 0 0-2.08 2.08 2.085 2.085 0 0 0 2.08 2.08h5.21a2.086 2.086 0 0 0 2.08-2.08z" fill="%2336C5F0"/><path fill-rule="evenodd" clip-rule="evenodd" d="M14.613 11.467a2.085 2.085 0 0 0 2.08-2.08v-5.21a2.086 2.086 0 0 0-2.08-2.08 2.085 2.085 0 0 0-2.08 2.08v5.21a2.085 2.085 0 0 0 2.08 2.08zm5.21-4.16a2.085 2.085 0 0 0-2.081 2.08v2.08h2.081a2.086 2.086 0 0 0 2.08-2.08 2.086 2.086 0 0 0-2.08-2.08z" fill="%232EB67D"/><path fill-rule="evenodd" clip-rule="evenodd" d="M12.533 14.613a2.085 2.085 0 0 0 2.08 2.08h5.21a2.085 2.085 0 0 0 2.08-2.08 2.086 2.086 0 0 0-2.08-2.08h-5.21a2.085 2.085 0 0 0-2.08 2.08zm4.16 5.21a2.085 2.085 0 0 0-2.08-2.081h-2.08v2.081a2.085 2.085 0 0 0 2.08 2.08 2.085 2.085 0 0 0 2.08-2.08z" fill="%23ECB22E"/></svg>');
diff --git a/ui-v2/app/styles/base/icons/icon-placeholders.scss b/ui-v2/app/styles/base/icons/icon-placeholders.scss
index 4c2525a7e33d..cea679dd0cae 100644
--- a/ui-v2/app/styles/base/icons/icon-placeholders.scss
+++ b/ui-v2/app/styles/base/icons/icon-placeholders.scss
@@ -868,6 +868,16 @@
   mask-image: $logo-alicloud-monochrome-svg;
 }
 
+%with-logo-auth0-color-icon {
+  @extend %with-icon;
+  background-image: $logo-auth0-color-svg;
+}
+%with-logo-auth0-color-mask {
+  @extend %with-mask;
+  -webkit-mask-image: $logo-auth0-color-svg;
+  mask-image: $logo-auth0-color-svg;
+}
+
 %with-logo-aws-color-icon {
   @extend %with-icon;
   background-image: $logo-aws-color-svg;
@@ -1008,6 +1018,16 @@
   mask-image: $logo-kubernetes-monochrome-svg;
 }
 
+%with-logo-okta-color-icon {
+  @extend %with-icon;
+  background-image: $logo-okta-color-svg;
+}
+%with-logo-okta-color-mask {
+  @extend %with-mask;
+  -webkit-mask-image: $logo-okta-color-svg;
+  mask-image: $logo-okta-color-svg;
+}
+
 %with-logo-oracle-color-icon {
   @extend %with-icon;
   background-image: $logo-oracle-color-svg;
diff --git a/ui-v2/app/styles/components/app-view.scss b/ui-v2/app/styles/components/app-view.scss
index 5be681a7e1e7..dff8408a820b 100644
--- a/ui-v2/app/styles/components/app-view.scss
+++ b/ui-v2/app/styles/components/app-view.scss
@@ -12,7 +12,17 @@
 main {
   @extend %app-view;
 }
-%app-view-header form {
+%app-view > div > header {
+  @extend %app-view-header;
+}
+%app-view > div > div {
+  @extend %app-view-content;
+}
+%app-view > div.unauthorized,
+%app-view > div.error {
+  @extend %app-view-error;
+}
+%app-view header form {
   @extend %filter-bar;
 }
 %app-view-actions a,
@@ -23,9 +33,7 @@ main {
   @extend %form-row;
 }
 [role='tabpanel'] > p:only-child,
-.template-error > div,
-%app-view-content > p:only-child,
-%app-view.empty > div {
+%app-view-content > p:only-child {
   @extend %app-view-content-empty;
 }
 [role='tabpanel'] > *:first-child {
diff --git a/ui-v2/app/styles/components/app-view/layout.scss b/ui-v2/app/styles/components/app-view/layout.scss
index 2029960a0c30..12d2f11b62de 100644
--- a/ui-v2/app/styles/components/app-view/layout.scss
+++ b/ui-v2/app/styles/components/app-view/layout.scss
@@ -46,6 +46,9 @@
   padding-bottom: 0.2em;
   margin-bottom: 0.5em;
 }
+%app-view-error > div {
+  padding: 1px 0 30px 0;
+}
 %app-view-content-empty {
   margin-top: 0;
   padding: 50px;
diff --git a/ui-v2/app/styles/components/auth-form.scss b/ui-v2/app/styles/components/auth-form.scss
new file mode 100644
index 000000000000..6bc84b786531
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-form.scss
@@ -0,0 +1,4 @@
+@import './auth-form/index';
+.auth-form {
+  @extend %auth-form;
+}
diff --git a/ui-v2/app/styles/components/auth-form/index.scss b/ui-v2/app/styles/components/auth-form/index.scss
new file mode 100644
index 000000000000..bc182521964a
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-form/index.scss
@@ -0,0 +1,2 @@
+@import './skin';
+@import './layout';
diff --git a/ui-v2/app/styles/components/auth-form/layout.scss b/ui-v2/app/styles/components/auth-form/layout.scss
new file mode 100644
index 000000000000..32b057dca5cc
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-form/layout.scss
@@ -0,0 +1,34 @@
+%auth-form {
+  width: 320px;
+  margin: 10px 25px;
+}
+%auth-form form {
+  margin-bottom: 0.5em !important;
+}
+%auth-form .ember-basic-dropdown-trigger,
+%auth-form button {
+  width: 100%;
+}
+%auth-form .progress {
+  margin: 0 auto;
+}
+%auth-form > p:not(.error) {
+  @extend %auth-form-hr;
+}
+%auth-form-hr {
+  text-align: center;
+  position: relative;
+}
+%auth-form-hr span {
+  display: inline-block;
+  padding: 5px;
+}
+
+%auth-form-hr::before {
+  @extend %as-pseudo;
+  width: 100%;
+  position: absolute;
+  left: 0;
+  top: 50%;
+  z-index: -1;
+}
diff --git a/ui-v2/app/styles/components/auth-form/skin.scss b/ui-v2/app/styles/components/auth-form/skin.scss
new file mode 100644
index 000000000000..dd2f24df50e9
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-form/skin.scss
@@ -0,0 +1,12 @@
+%auth-form-hr {
+  text-transform: uppercase;
+}
+%auth-form-hr::before {
+  border-top: 1px solid $gray-200;
+}
+/* This is to mask off the hr so it has a space */
+/* in the center so if the background color of what the */
+/* line is on is different, then this should be different */
+%auth-form-hr span {
+  background-color: $white;
+}
diff --git a/ui-v2/app/styles/components/auth-modal.scss b/ui-v2/app/styles/components/auth-modal.scss
new file mode 100644
index 000000000000..2586957d7e02
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-modal.scss
@@ -0,0 +1,4 @@
+@import './auth-modal/index';
+#login-toggle + div {
+  @extend %auth-modal;
+}
diff --git a/ui-v2/app/styles/components/auth-modal/index.scss b/ui-v2/app/styles/components/auth-modal/index.scss
new file mode 100644
index 000000000000..7c75b3f504b0
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-modal/index.scss
@@ -0,0 +1,7 @@
+/*TODO: This is a different style of modal dialog */
+/* and should probably be part of that, offering different styles*/
+@import './skin';
+@import './layout';
+%auth-modal footer button {
+  @extend %anchor;
+}
diff --git a/ui-v2/app/styles/components/auth-modal/layout.scss b/ui-v2/app/styles/components/auth-modal/layout.scss
new file mode 100644
index 000000000000..f2c1669d4d0e
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-modal/layout.scss
@@ -0,0 +1,12 @@
+%auth-modal footer {
+  border: 0;
+  padding-top: 10px;
+  padding-bottom: 20px;
+  margin: 0px 26px;
+}
+%auth-modal footer {
+  background-color: $transparent;
+}
+%auth-modal > div > div > div {
+  padding-bottom: 0;
+}
diff --git a/ui-v2/app/styles/components/auth-modal/skin.scss b/ui-v2/app/styles/components/auth-modal/skin.scss
new file mode 100644
index 000000000000..8db4bb91b107
--- /dev/null
+++ b/ui-v2/app/styles/components/auth-modal/skin.scss
@@ -0,0 +1,7 @@
+%auth-modal footer button::after {
+  @extend %with-chevron-right-mask, %as-pseudo;
+  font-size: 120%;
+  position: relative;
+  top: -1px;
+  left: -3px;
+}
diff --git a/ui-v2/app/styles/components/buttons.scss b/ui-v2/app/styles/components/buttons.scss
index 5d95ff1aa680..69d004b61be0 100644
--- a/ui-v2/app/styles/components/buttons.scss
+++ b/ui-v2/app/styles/components/buttons.scss
@@ -3,15 +3,17 @@ button[type='submit'],
 a.type-create {
   @extend %primary-button;
 }
-// the :not(li)'s here avoid styling action-group buttons
 // TODO: Once we move action-groups to use aria menu we can get rid of
 // some of this and just use not(aria-haspopup)
 button[type='reset'],
-:not(li) > button[type='button']:not(.copy-btn):not(.type-delete):not([aria-haspopup='menu']),
+form button[type='button']:not([aria-haspopup='menu']),
+header .actions button[type='button']:not(.copy-btn),
+button.type-cancel,
 html.template-error div > a {
   @extend %secondary-button;
 }
-:not(li) > button.type-delete {
+.with-confirmation .type-delete,
+form button[type='button'].type-delete {
   @extend %dangerous-button;
 }
 button.copy-btn {
diff --git a/ui-v2/app/styles/components/empty-state/skin.scss b/ui-v2/app/styles/components/empty-state/skin.scss
index d573f2c0fd43..c3c64a3c66a8 100644
--- a/ui-v2/app/styles/components/empty-state/skin.scss
+++ b/ui-v2/app/styles/components/empty-state/skin.scss
@@ -31,6 +31,9 @@
 %empty-state.status-403 header::before {
   @extend %with-disabled-mask;
 }
+%empty-state[class*='status-5'] header::before {
+  @extend %with-alert-circle-outline-mask;
+}
 %empty-state .docs-link > *::before {
   @extend %with-docs-mask, %as-pseudo;
 }
diff --git a/ui-v2/app/styles/components/form-elements.scss b/ui-v2/app/styles/components/form-elements.scss
index 4d04ceda2f88..6a2d70b2ee4e 100644
--- a/ui-v2/app/styles/components/form-elements.scss
+++ b/ui-v2/app/styles/components/form-elements.scss
@@ -11,33 +11,30 @@ label span {
 .has-error {
   @extend %form-element-error;
 }
-%main-content .type-password,
-%main-content .type-text {
-  @extend %form-element;
-}
 .type-toggle {
   @extend %form-element, %sliding-toggle;
 }
-%form-element,
+.checkbox-group {
+  @extend %checkbox-group;
+}
+%main-content form {
+  @extend %form;
+}
+%form table,
 %radio-group,
 %checkbox-group,
-form table,
-%app-view-content form dl {
+%main-content form dl {
   @extend %form-row;
 }
+%radio-group label,
+%main-content .type-password,
+%main-content .type-text {
+  @extend %form-element;
+}
 %app-view-content form:not(.filter-bar) [role='radiogroup'],
 %modal-window [role='radiogroup'] {
   @extend %radio-group;
 }
-%radio-group label {
-  @extend %form-element;
-}
-.checkbox-group {
-  @extend %checkbox-group;
-}
-fieldset > p {
-  color: $gray-400;
-}
 %sliding-toggle + .checkbox-group {
   margin-top: -1em;
 }
diff --git a/ui-v2/app/styles/components/index.scss b/ui-v2/app/styles/components/index.scss
index 3d19d0c33a22..9905e17c5596 100644
--- a/ui-v2/app/styles/components/index.scss
+++ b/ui-v2/app/styles/components/index.scss
@@ -23,8 +23,11 @@
 @import './confirmation-dialog';
 @import './feedback-dialog';
 @import './modal-dialog';
+@import './auth-form';
+@import './auth-modal';
 @import './notice';
 @import './sort-control';
+@import './oidc-select';
 @import './discovery-chain';
 @import './consul-intention-list';
 @import './empty-state';
diff --git a/ui-v2/app/styles/components/main-nav-horizontal/index.scss b/ui-v2/app/styles/components/main-nav-horizontal/index.scss
index 333e6885766a..e3e73012d34f 100644
--- a/ui-v2/app/styles/components/main-nav-horizontal/index.scss
+++ b/ui-v2/app/styles/components/main-nav-horizontal/index.scss
@@ -5,13 +5,20 @@
 %main-nav-horizontal > ul > li > label > * {
   @extend %main-nav-horizontal-action;
 }
-%main-nav-horizontal > ul > li > label {
-  display: block;
-}
 %main-nav-horizontal-action:not(span):hover,
 %main-nav-horizontal-action:not(span):focus {
   @extend %main-nav-horizontal-action-intent;
 }
+/* Whilst we want spans to look the same as actions */
+/* we don't want them to act the same */
+%main-nav-horizontal > ul > li > span {
+  cursor: default;
+}
+%main-nav-horizontal > ul > li > label {
+  display: block;
+}
+/* ^ why not in layout? because we want these */
+/* overwrites to be close to where we extend? */
 %main-nav-horizontal [type='checkbox']:checked + label > *,
 %main-nav-horizontal > ul > li > a:active,
 %main-nav-horizontal > ul > li.is-active > a,
diff --git a/ui-v2/app/styles/components/main-nav-horizontal/skin.scss b/ui-v2/app/styles/components/main-nav-horizontal/skin.scss
index acdf5d158edd..858175dd14c4 100644
--- a/ui-v2/app/styles/components/main-nav-horizontal/skin.scss
+++ b/ui-v2/app/styles/components/main-nav-horizontal/skin.scss
@@ -18,9 +18,6 @@
   border-radius: $decor-radius-200;
 }
 %main-nav-horizontal-action {
-  cursor: default;
-}
-%main-nav-horizontal-action:not(span) {
   cursor: pointer;
 }
 %main-nav-horizontal-action,
diff --git a/ui-v2/app/styles/components/oidc-select.scss b/ui-v2/app/styles/components/oidc-select.scss
new file mode 100644
index 000000000000..3d4fec8dc92b
--- /dev/null
+++ b/ui-v2/app/styles/components/oidc-select.scss
@@ -0,0 +1,4 @@
+@import './oidc-select/index';
+.oidc-select {
+  @extend %oidc-select;
+}
diff --git a/ui-v2/app/styles/components/oidc-select/index.scss b/ui-v2/app/styles/components/oidc-select/index.scss
new file mode 100644
index 000000000000..3262aaa36c4b
--- /dev/null
+++ b/ui-v2/app/styles/components/oidc-select/index.scss
@@ -0,0 +1,8 @@
+@import './skin';
+@import './layout';
+%oidc-select label {
+  @extend %form-element;
+}
+%oidc-select button {
+  @extend %secondary-button;
+}
diff --git a/ui-v2/app/styles/components/oidc-select/layout.scss b/ui-v2/app/styles/components/oidc-select/layout.scss
new file mode 100644
index 000000000000..97219c512c3a
--- /dev/null
+++ b/ui-v2/app/styles/components/oidc-select/layout.scss
@@ -0,0 +1,7 @@
+%oidc-select li,
+%oidc-select .ember-power-select-trigger {
+  margin-bottom: 1em;
+}
+%oidc-select .ember-power-select-trigger {
+  width: 100%;
+}
diff --git a/ui-v2/app/styles/components/oidc-select/skin.scss b/ui-v2/app/styles/components/oidc-select/skin.scss
new file mode 100644
index 000000000000..194cafc44921
--- /dev/null
+++ b/ui-v2/app/styles/components/oidc-select/skin.scss
@@ -0,0 +1,30 @@
+%oidc-select [class$='-oidc-provider']::before {
+  @extend %as-pseudo;
+  width: 22px;
+  height: 22px;
+  /* this is to prevent resizing in an inline-flex context */
+  /* and should probably be moved to the parent*/
+  flex: 0 0 auto;
+  margin-right: 10px;
+}
+%oidc-select .auth0-oidc-provider::before {
+  @extend %with-logo-auth0-color-icon;
+}
+%oidc-select .okta-oidc-provider::before {
+  @extend %with-logo-okta-color-icon;
+}
+%oidc-select .gitlab-oidc-provider::before {
+  @extend %with-logo-gitlab-color-icon;
+}
+%oidc-select .aws-oidc-provider::before {
+  @extend %with-logo-aws-color-icon;
+}
+%oidc-select .azure-oidc-provider::before {
+  @extend %with-logo-azure-color-icon;
+}
+%oidc-select .bitbucket-oidc-provider::before {
+  @extend %with-logo-bitbucket-color-icon;
+}
+%oidc-select .gcp-oidc-provider::before {
+  @extend %with-logo-gcp-color-icon;
+}
diff --git a/ui-v2/app/styles/core/typography.scss b/ui-v2/app/styles/core/typography.scss
index 3d59f21009fc..bdce4fbd5ce0 100644
--- a/ui-v2/app/styles/core/typography.scss
+++ b/ui-v2/app/styles/core/typography.scss
@@ -77,6 +77,7 @@ pre code,
 
 /*TODO: See if we can collapse these into a */
 /* strong %p3 */
+%form-element-label,
 %button {
   font-weight: $typo-weight-semibold;
 }
@@ -104,7 +105,7 @@ pre code,
   font-weight: $typo-weight-normal;
 }
 
-%form-element > em,
+%form-element-note,
 %tbody-th em,
 %app-view h1 em {
   font-style: normal;
diff --git a/ui-v2/app/styles/variables/index.scss b/ui-v2/app/styles/variables/index.scss
index 85b058cd7019..88d989ad5faf 100644
--- a/ui-v2/app/styles/variables/index.scss
+++ b/ui-v2/app/styles/variables/index.scss
@@ -22,6 +22,11 @@
   --brand-800: #{$magenta-800};
   // --brand-900: #{$magenta-900};
 
+  /* themeable ui colors */
+  --typo-action-500: #{$blue-500};
+  --decor-error-500: #{$red-500};
+  --typo-contrast-999: #{$black};
+
   /* themeable brand colors */
   --typo-brand-050: var(--brand-050);
   --typo-brand-600: var(--brand-600);
diff --git a/ui-v2/app/templates/application.hbs b/ui-v2/app/templates/application.hbs
index 763ccd8bc407..3ed45988c906 100644
--- a/ui-v2/app/templates/application.hbs
+++ b/ui-v2/app/templates/application.hbs
@@ -1,7 +1,15 @@
 <HeadLayout />
 {{title 'Consul' separator=' - '}}
 {{#if (not-eq router.currentRouteName 'application')}}
-  <HashicorpConsul @id="wrapper" @permissions={{permissions}} @dcs={{dcs}} @dc={{or dc dcs.firstObject}} @nspaces={{nspaces}} @nspace={{or nspace nspaces.firstObject}}>
+  <HashicorpConsul
+    id="wrapper"
+    @permissions={{permissions}}
+    @dcs={{dcs}}
+    @dc={{or dc dcs.firstObject}}
+    @nspaces={{nspaces}}
+    @nspace={{or nspace nspaces.firstObject}}
+    @onchange={{action "reauthorize"}}
+  >
 {{#if (not loading)}}
   {{outlet}}
 {{else}}
diff --git a/ui-v2/app/templates/dc/acls/-authorization.hbs b/ui-v2/app/templates/dc/acls/-authorization.hbs
index 1f08a99fd0f4..8617be5769c6 100644
--- a/ui-v2/app/templates/dc/acls/-authorization.hbs
+++ b/ui-v2/app/templates/dc/acls/-authorization.hbs
@@ -1,13 +1,21 @@
-<p>
-  The Access Control List (ACL) system, which controls permissions for this UI, is enabled for this cluster. Your token ID will be saved locally and persist through visits.
-</p>
-<form>
-    <fieldset>
-        <label class="type-text">
-            <span>SecretID or Token</span>
-            <input type="password" name="secret" placeholder="SecretID or Token" oninput={{action (mut secret) value="target.value"}} />
-        </label>
-    </fieldset>
-    {{! authorize is in the routes/dc/acls.js route }}
-    <button type="submit" {{action 'authorize' secret nspace}}>Login</button>
-</form>
+<EmptyState class="status-403">
+  <BlockSlot @name="header">
+    <h2>You are not authorized</h2>
+  </BlockSlot>
+  <BlockSlot @name="subheader">
+    <h3>Error 403</h3>
+  </BlockSlot>
+  <BlockSlot @name="body">
+    <p>
+      You must be granted permissions to view this data. Login or ask your administrator if you think you should have access.
+    </p>
+  </BlockSlot>
+  <BlockSlot @name="actions">
+    <li class="docs-link">
+      <a href="{{env 'CONSUL_DOCS_URL'}}/acl/index.html" rel="noopener noreferrer" target="_blank">Read the documentation</a>
+    </li>
+    <li class="learn-link">
+      <a href="{{env 'CONSUL_DOCS_LEARN_URL'}}/consul/security-networking/production-acls" rel="noopener noreferrer" target="_blank">Follow the guide</a>
+    </li>
+  </BlockSlot>
+</EmptyState>
diff --git a/ui-v2/app/templates/error.hbs b/ui-v2/app/templates/error.hbs
index 429724e96925..408b00af257b 100644
--- a/ui-v2/app/templates/error.hbs
+++ b/ui-v2/app/templates/error.hbs
@@ -1,19 +1,58 @@
+{{#if error}}
 <AppView @class="error show">
     <BlockSlot @name="header">
-        <h1 data-test-error>
-{{#if error.status }}
-            {{error.status}} ({{error.message}})
-{{else}}
-            {{error.message}}
-{{/if}}
-        </h1>
+      <h1>
+        Error {{error.status}}
+      </h1>
     </BlockSlot>
     <BlockSlot @name="content">
-        <p>
-            Consul returned an error.
-            You may have visited a URL that is loading an unknown resource, so you can try going back to the root or try re-submitting your ACL Token/SecretID by going back to ACLs.<br />
-            Try looking in our <a href="{{env 'CONSUL_DOCS_URL'}}" target="_blank">documentation</a>
-        </p>
-        <a data-test-home rel="home" href={{href-to 'index'}}>Go back to root</a>
+      {{#if (not-eq error.status "403")}}
+          <EmptyState class={{concat "status-" error.status}}>
+            <BlockSlot @name="header">
+              <h2>{{or error.message "Consul returned an error"}}</h2>
+            </BlockSlot>
+{{#if error.status }}
+            <BlockSlot @name="subheader">
+              <h3 data-test-status={{error.status}}>Error {{error.status}}</h3>
+            </BlockSlot>
+{{/if}}
+            <BlockSlot @name="body">
+              <p>
+                You may have visited a URL that is loading an unknown resource, so you can try going back to the root or try re-submitting your ACL Token/SecretID by going back to ACLs.
+              </p>
+            </BlockSlot>
+            <BlockSlot @name="actions">
+              <li class="back-link">
+                <a data-test-home rel="home" href={{href-to 'index'}}>Go back to root</a>
+              </li>
+              <li class="docs-link">
+                <a href="{{env 'CONSUL_DOCS_URL'}}" rel="noopener noreferrer" target="_blank">Read the documentation</a>
+              </li>
+            </BlockSlot>
+          </EmptyState>
+        {{else}}
+          <EmptyState class="status-403">
+            <BlockSlot @name="header">
+              <h2 data-test-status={{error.status}}>You are not authorized</h2>
+            </BlockSlot>
+            <BlockSlot @name="subheader">
+              <h3>Error 403</h3>
+            </BlockSlot>
+            <BlockSlot @name="body">
+              <p>
+                You must be granted permissions to view this data. Ask your administrator if you think you should have access.
+              </p>
+            </BlockSlot>
+            <BlockSlot @name="actions">
+              <li class="docs-link">
+                <a href="{{env 'CONSUL_DOCS_URL'}}/acl/index.html" rel="noopener noreferrer" target="_blank">Read the documentation</a>
+              </li>
+              <li class="learn-link">
+                <a href="{{env 'CONSUL_DOCS_LEARN_URL'}}/consul/security-networking/production-acls" rel="noopener noreferrer" target="_blank">Follow the guide</a>
+              </li>
+            </BlockSlot>
+          </EmptyState>
+        {{/if}}
     </BlockSlot>
 </AppView>
+{{/if}}
diff --git a/ui-v2/app/utils/get-environment.js b/ui-v2/app/utils/get-environment.js
index 22bf93c08e22..bfe93a2ea163 100644
--- a/ui-v2/app/utils/get-environment.js
+++ b/ui-v2/app/utils/get-environment.js
@@ -82,6 +82,9 @@ export default function(config = {}, win = window, doc = document) {
             case 'CONSUL_NSPACES_ENABLE':
               prev['CONSUL_NSPACES_ENABLED'] = !!JSON.parse(String(value).toLowerCase());
               break;
+            case 'CONSUL_SSO_ENABLE':
+              prev['CONSUL_SSO_ENABLED'] = !!JSON.parse(String(value).toLowerCase());
+              break;
             default:
               prev[key] = value;
           }
diff --git a/ui-v2/config/environment.js b/ui-v2/config/environment.js
index c4891b5fdb0f..f74e2bdfd949 100644
--- a/ui-v2/config/environment.js
+++ b/ui-v2/config/environment.js
@@ -7,6 +7,10 @@ module.exports = function(environment, $ = process.env) {
     environment,
     rootURL: '/ui/',
     locationType: 'auto',
+    // We use a complete dynamically (from Consul) configured
+    // torii provider. We provide this object here to
+    // prevent ember from giving a log message when starting ember up
+    torii: {},
     EmberENV: {
       FEATURES: {
         // Here you can enable experimental features on an ember canary build
@@ -69,6 +73,7 @@ module.exports = function(environment, $ = process.env) {
     CONSUL_BINARY_TYPE: process.env.CONSUL_BINARY_TYPE ? process.env.CONSUL_BINARY_TYPE : 'oss',
     CONSUL_ACLS_ENABLED: false,
     CONSUL_NSPACES_ENABLED: false,
+    CONSUL_SSO_ENABLED: false,
 
     CONSUL_HOME_URL: 'https://www.consul.io',
     CONSUL_REPO_ISSUES_URL: 'https://github.com/hashicorp/consul/issues/new/choose',
@@ -77,6 +82,7 @@ module.exports = function(environment, $ = process.env) {
     CONSUL_DOCS_API_URL: 'https://www.consul.io/api',
     CONSUL_COPYRIGHT_URL: 'https://www.hashicorp.com',
   });
+  const isTestLike = ['staging', 'test'].indexOf(environment) > -1;
   const isDevLike = ['development', 'staging', 'test'].indexOf(environment) > -1;
   const isProdLike = ['production', 'staging'].indexOf(environment) > -1;
   switch (true) {
@@ -88,6 +94,10 @@ module.exports = function(environment, $ = process.env) {
           typeof $['CONSUL_NSPACES_ENABLED'] !== 'undefined'
             ? !!JSON.parse(String($['CONSUL_NSPACES_ENABLED']).toLowerCase())
             : true,
+        CONSUL_SSO_ENABLED:
+          typeof $['CONSUL_SSO_ENABLED'] !== 'undefined'
+            ? !!JSON.parse(String($['CONSUL_SSO_ENABLED']).toLowerCase())
+            : false,
         '@hashicorp/ember-cli-api-double': {
           'auto-import': false,
           enabled: true,
@@ -107,6 +117,7 @@ module.exports = function(environment, $ = process.env) {
     case environment === 'staging':
       ENV = Object.assign({}, ENV, {
         CONSUL_NSPACES_ENABLED: true,
+        CONSUL_SSO_ENABLED: true,
         '@hashicorp/ember-cli-api-double': {
           enabled: true,
           endpoints: {
@@ -118,13 +129,14 @@ module.exports = function(environment, $ = process.env) {
     case environment === 'production':
       ENV = Object.assign({}, ENV, {
         CONSUL_ACLS_ENABLED: '{{.ACLsEnabled}}',
+        CONSUL_SSO_ENABLED: '{{.SSOEnabled}}',
         CONSUL_NSPACES_ENABLED:
           '{{ if .NamespacesEnabled }}{{.NamespacesEnabled}}{{ else }}false{{ end }}',
       });
       break;
   }
   switch (true) {
-    case isDevLike:
+    case isTestLike:
       ENV = Object.assign({}, ENV, {
         CONSUL_ACLS_ENABLED: true,
         // 'APP': Object.assign({}, ENV.APP, {
diff --git a/ui-v2/lib/startup/index.js b/ui-v2/lib/startup/index.js
index 2247f1f06b32..dcc03fc5e6e7 100644
--- a/ui-v2/lib/startup/index.js
+++ b/ui-v2/lib/startup/index.js
@@ -17,6 +17,9 @@ const express = require('express');
 module.exports = {
   name: 'startup',
   serverMiddleware: function(server) {
+    // TODO: see if we can move these into the project specific `/server` directory
+    // instead of inside an addon
+
     // Serve the coverage folder for easy viewing during development
     server.app.use('/coverage', express.static('coverage'));
 
diff --git a/ui-v2/lib/startup/templates/head.html.js b/ui-v2/lib/startup/templates/head.html.js
index 5b10fbe53258..db2ffa864b7b 100644
--- a/ui-v2/lib/startup/templates/head.html.js
+++ b/ui-v2/lib/startup/templates/head.html.js
@@ -25,7 +25,8 @@ module.exports = ({ appName, environment, rootURL, config }) => `
       {
         rootURL: '${rootURL}',
         CONSUL_ACLS_ENABLED: ${config.CONSUL_ACLS_ENABLED},
-        CONSUL_NSPACES_ENABLED: ${config.CONSUL_NSPACES_ENABLED}
+        CONSUL_NSPACES_ENABLED: ${config.CONSUL_NSPACES_ENABLED},
+        CONSUL_SSO_ENABLED: ${config.CONSUL_SSO_ENABLED}
       }
     );
   </script>
diff --git a/ui-v2/node-tests/config/environment.js b/ui-v2/node-tests/config/environment.js
index 0efc70e33651..8caac5262a07 100644
--- a/ui-v2/node-tests/config/environment.js
+++ b/ui-v2/node-tests/config/environment.js
@@ -10,6 +10,7 @@ test(
         environment: 'production',
         CONSUL_BINARY_TYPE: 'oss',
         CONSUL_ACLS_ENABLED: '{{.ACLsEnabled}}',
+        CONSUL_SSO_ENABLED: '{{.SSOEnabled}}',
         CONSUL_NSPACES_ENABLED: '{{ if .NamespacesEnabled }}{{.NamespacesEnabled}}{{ else }}false{{ end }}',
       },
       {
@@ -17,6 +18,7 @@ test(
         CONSUL_BINARY_TYPE: 'oss',
         CONSUL_ACLS_ENABLED: true,
         CONSUL_NSPACES_ENABLED: true,
+        CONSUL_SSO_ENABLED: false,
       },
       {
         $: {
@@ -26,12 +28,24 @@ test(
         CONSUL_BINARY_TYPE: 'oss',
         CONSUL_ACLS_ENABLED: true,
         CONSUL_NSPACES_ENABLED: false,
+        CONSUL_SSO_ENABLED: false,
+      },
+      {
+        $: {
+          CONSUL_SSO_ENABLED: 0
+        },
+        environment: 'test',
+        CONSUL_BINARY_TYPE: 'oss',
+        CONSUL_ACLS_ENABLED: true,
+        CONSUL_NSPACES_ENABLED: true,
+        CONSUL_SSO_ENABLED: false,
       },
       {
         environment: 'staging',
         CONSUL_BINARY_TYPE: 'oss',
         CONSUL_ACLS_ENABLED: true,
         CONSUL_NSPACES_ENABLED: true,
+        CONSUL_SSO_ENABLED: true,
       }
     ].forEach(
       function(item) {
diff --git a/ui-v2/public/oidc/callback b/ui-v2/public/oidc/callback
new file mode 100644
index 000000000000..ad9923478c78
--- /dev/null
+++ b/ui-v2/public/oidc/callback
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="UTF-8">
+    <title>Consul</title>
+    <script>
+      var CURRENT_REQUEST_KEY = '__torii_request';
+      var pendingRequestKey = window.localStorage.getItem(CURRENT_REQUEST_KEY);
+
+      if (pendingRequestKey) {
+        window.localStorage.removeItem(CURRENT_REQUEST_KEY);
+        var url = window.location.toString();
+        window.localStorage.setItem(pendingRequestKey, url);
+      }
+
+      window.close();
+    </script>
+  </head>
+</html>
diff --git a/ui-v2/server/index.js b/ui-v2/server/index.js
new file mode 100644
index 000000000000..a38cb9d893b4
--- /dev/null
+++ b/ui-v2/server/index.js
@@ -0,0 +1,26 @@
+'use strict';
+const fs = require('fs');
+const promisify = require('util').promisify;
+const read = promisify(fs.readFile);
+
+module.exports = function(app, options) {
+  // During development the proxy server has no way of
+  // knowing the content/mime type of our `oidc/callback` file
+  // as it has no extension.
+  // This shims the default server to set the correct headers
+  // just for this file
+
+  const file = `/oidc/callback`;
+  const rootURL = options.rootURL;
+  const url = `${rootURL.substr(0, rootURL.length - 1)}${file}`;
+  app.use(function(req, resp, next) {
+    if (req.url.split('?')[0] === url) {
+      return read(`${process.cwd()}/public${file}`).then(function(buffer) {
+        resp.header('Content-Type', 'text/html');
+        resp.write(buffer.toString());
+        resp.end();
+      });
+    }
+    next();
+  });
+};
diff --git a/ui-v2/tests/acceptance/dc/acls/policies/as-many/add-existing.feature b/ui-v2/tests/acceptance/dc/acls/policies/as-many/add-existing.feature
index a45329adb9e4..99e4a3afd669 100644
--- a/ui-v2/tests/acceptance/dc/acls/policies/as-many/add-existing.feature
+++ b/ui-v2/tests/acceptance/dc/acls/policies/as-many/add-existing.feature
@@ -20,10 +20,10 @@ Feature: dc / acls / policies / as many / add existing: Add existing policy
       [Model]: key
     ---
     Then the url should be /datacenter/acls/[Model]s/key
-    And I click "#policies .ember-power-select-trigger"
+    And I click "form > #policies .ember-power-select-trigger"
     And I click ".ember-power-select-option:first-child"
     And I see 1 policy model on the policies component
-    And I click "#policies .ember-power-select-trigger"
+    And I click "form > #policies .ember-power-select-trigger"
     And I click ".ember-power-select-option:nth-child(1)"
     And I see 2 policy models on the policies component
     And I submit
diff --git a/ui-v2/tests/acceptance/dc/acls/roles/as-many/add-existing.feature b/ui-v2/tests/acceptance/dc/acls/roles/as-many/add-existing.feature
index 370c9e9c64f1..21b3bed6c322 100644
--- a/ui-v2/tests/acceptance/dc/acls/roles/as-many/add-existing.feature
+++ b/ui-v2/tests/acceptance/dc/acls/roles/as-many/add-existing.feature
@@ -21,10 +21,10 @@ Feature: dc / acls / roles / as many / add existing: Add existing
       token: key
     ---
     Then the url should be /datacenter/acls/tokens/key
-    And I click "#roles .ember-power-select-trigger"
+    And I click "form > #roles .ember-power-select-trigger"
     And I click ".ember-power-select-option:first-child"
     And I see 1 role model on the roles component
-    And I click "#roles .ember-power-select-trigger"
+    And I click "form > #roles .ember-power-select-trigger"
     And I click ".ember-power-select-option:nth-child(1)"
     And I see 2 role models on the roles component
     Then I fill in with yaml
diff --git a/ui-v2/tests/acceptance/dc/error.feature b/ui-v2/tests/acceptance/dc/error.feature
index c4b03eaa6f0f..bd6a80c17c29 100644
--- a/ui-v2/tests/acceptance/dc/error.feature
+++ b/ui-v2/tests/acceptance/dc/error.feature
@@ -22,7 +22,7 @@ Feature: dc / error: Recovering from a dc 500 error
     ---
     Then the url should be /dc-500/services
     And the title should be "Consul"
-    Then I see the text "500 (The backend responded with an error)" in "[data-test-error]"
+    Then I see status on the error like "500"
   Scenario: Clicking the back to root button
     Given the url "/v1/internal/ui/services" responds with a 200 status
     When I click home
diff --git a/ui-v2/tests/acceptance/dc/services/error.feature b/ui-v2/tests/acceptance/dc/services/error.feature
index f519f5de586b..1ee48f4af53d 100644
--- a/ui-v2/tests/acceptance/dc/services/error.feature
+++ b/ui-v2/tests/acceptance/dc/services/error.feature
@@ -10,7 +10,7 @@ Feature: dc / services / error
     ---
       dc: 404-datacenter
     ---
-    Then I see the text "404 (Page not found)" in "[data-test-error]"
+    Then I see status on the error like "404"
   @notNamespaceable
   Scenario: Arriving at the service page
     Given 2 datacenter models from yaml
@@ -23,7 +23,7 @@ Feature: dc / services / error
     ---
       dc: dc-1
     ---
-    Then I see the text "500 (The backend responded with an error)" in "[data-test-error]"
+    Then I see status on the error like "500"
     # This is the actual step that works slightly differently
     # When running through namespaces as the dc menu says 'Error'
     # which is still kind of ok
diff --git a/ui-v2/tests/acceptance/dc/services/instances/error.feature b/ui-v2/tests/acceptance/dc/services/instances/error.feature
index 0a12d2b35137..6f55bd55942d 100644
--- a/ui-v2/tests/acceptance/dc/services/instances/error.feature
+++ b/ui-v2/tests/acceptance/dc/services/instances/error.feature
@@ -11,6 +11,6 @@ Feature: dc / services / instances / error: Visit Service Instance what doesn't
       id: id-that-doesnt-exist
     ---
     Then the url should be /dc1/services/service-0/instances/node-0/id-that-doesnt-exist
-    And I see the text "404 (Unable to find instance)" in "[data-test-error]"
+    Then I see status on the error like "404"
 
 
diff --git a/ui-v2/tests/acceptance/dc/acls/tokens/login-errors.feature b/ui-v2/tests/acceptance/login-errors.feature
similarity index 82%
rename from ui-v2/tests/acceptance/dc/acls/tokens/login-errors.feature
rename to ui-v2/tests/acceptance/login-errors.feature
index b225d7b859d9..f045d4f4cce9 100644
--- a/ui-v2/tests/acceptance/dc/acls/tokens/login-errors.feature
+++ b/ui-v2/tests/acceptance/login-errors.feature
@@ -1,5 +1,5 @@
 @setupApplicationTest
-Feature: dc / acls / tokens / login-errors: ACL Login Errors
+Feature: login-errors: Login Errors
 
   Scenario: I get any 500 error that is not the specific legacy token cluster one
     Given 1 datacenter model with the value "dc-1"
@@ -9,7 +9,7 @@ Feature: dc / acls / tokens / login-errors: ACL Login Errors
       dc: dc-1
     ---
     Then the url should be /dc-1/acls/tokens
-    Then I see the text "500 (The backend responded with an error)" in "[data-test-error]"
+    Then I see status on the error like "500"
   Scenario: I get a 500 error from acl/tokens that is the specific legacy one
     Given 1 datacenter model with the value "dc-1"
     And the url "/v1/acl/tokens?ns=@namespace" responds with from yaml
@@ -43,11 +43,11 @@ Feature: dc / acls / tokens / login-errors: ACL Login Errors
     ---
     Then the url should be /dc-1/acls/tokens
     Then ".app-view" has the "unauthorized" class
-    Then I fill in with yaml
+    And I click login on the navigation
+    And I fill in the auth form with yaml
     ---
-    secret: something
+    SecretID: something
     ---
-    And I submit
-    Then ".app-view" has the "unauthorized" class
-    And "[data-notification]" has the "error" class
+    And I click submit on the authdialog.form
+    Then I see status on the error like "403"
 
diff --git a/ui-v2/tests/acceptance/dc/acls/tokens/login.feature b/ui-v2/tests/acceptance/login.feature
similarity index 64%
rename from ui-v2/tests/acceptance/dc/acls/tokens/login.feature
rename to ui-v2/tests/acceptance/login.feature
index 76c1cf3a6104..42aff3a1fe60 100644
--- a/ui-v2/tests/acceptance/dc/acls/tokens/login.feature
+++ b/ui-v2/tests/acceptance/login.feature
@@ -1,6 +1,6 @@
 @setupApplicationTest
-Feature: dc / acls / tokens / login
-  Scenario: Logging into the ACLs login page
+Feature: login
+  Scenario: Logging into the login page from ACLs tokens
     Given 1 datacenter model with the value "dc-1"
     And the url "/v1/acl/tokens" responds with a 403 status
     When I visit the tokens page for yaml
@@ -8,11 +8,12 @@ Feature: dc / acls / tokens / login
     dc: dc-1
     ---
     Then the url should be /dc-1/acls/tokens
-    And I fill in with yaml
+    And I click login on the navigation
+    And I fill in the auth form with yaml
     ---
-    secret: something
+    SecretID: something
     ---
-    And I submit
+    And I click submit on the authdialog.form
     Then a GET request was made to "/v1/acl/token/self?dc=dc-1" from yaml
     ---
     headers:
diff --git a/ui-v2/tests/acceptance/steps/login-errors-steps.js b/ui-v2/tests/acceptance/steps/login-errors-steps.js
new file mode 100644
index 000000000000..c900334997cb
--- /dev/null
+++ b/ui-v2/tests/acceptance/steps/login-errors-steps.js
@@ -0,0 +1,10 @@
+import steps from './steps';
+
+// step definitions that are shared between features should be moved to the
+// tests/acceptance/steps/steps.js file
+
+export default function(assert) {
+  return steps(assert).then('I should find a file', function() {
+    assert.ok(true, this.step);
+  });
+}
diff --git a/ui-v2/tests/acceptance/steps/login-steps.js b/ui-v2/tests/acceptance/steps/login-steps.js
new file mode 100644
index 000000000000..c900334997cb
--- /dev/null
+++ b/ui-v2/tests/acceptance/steps/login-steps.js
@@ -0,0 +1,10 @@
+import steps from './steps';
+
+// step definitions that are shared between features should be moved to the
+// tests/acceptance/steps/steps.js file
+
+export default function(assert) {
+  return steps(assert).then('I should find a file', function() {
+    assert.ok(true, this.step);
+  });
+}
diff --git a/ui-v2/tests/acceptance/token-header.feature b/ui-v2/tests/acceptance/token-header.feature
index 00c40679aab0..8c016fd2cece 100644
--- a/ui-v2/tests/acceptance/token-header.feature
+++ b/ui-v2/tests/acceptance/token-header.feature
@@ -21,11 +21,12 @@ Feature: token-header
       dc: datacenter
     ---
     Then the url should be /datacenter/acls/tokens
-    Then I fill in with yaml
+    And I click login on the navigation
+    And I fill in the auth form with yaml
     ---
-      secret: [Token]
+    SecretID: [Token]
     ---
-    And I submit
+    And I click submit on the authdialog.form
     When I visit the index page
     Then the url should be /datacenter/services
     And a GET request was made to "/v1/internal/ui/services?dc=datacenter&ns=@namespace" from yaml
diff --git a/ui-v2/tests/integration/components/auth-dialog-test.js b/ui-v2/tests/integration/components/auth-dialog-test.js
new file mode 100644
index 000000000000..32b6594032f6
--- /dev/null
+++ b/ui-v2/tests/integration/components/auth-dialog-test.js
@@ -0,0 +1,26 @@
+import { module, test } from 'qunit';
+import { setupRenderingTest } from 'ember-qunit';
+import { render } from '@ember/test-helpers';
+import { hbs } from 'ember-cli-htmlbars';
+
+module('Integration | Component | auth-dialog', function(hooks) {
+  setupRenderingTest(hooks);
+
+  test('it renders', async function(assert) {
+    // Set any properties with this.set('myProperty', 'value');
+    // Handle any actions with this.set('myAction', function(val) { ... });
+
+    await render(hbs`<AuthDialog />`);
+
+    assert.equal(this.element.textContent.trim(), '');
+
+    // Template block usage:
+    await render(hbs`
+      <AuthDialog>
+        template block text
+      </AuthDialog>
+    `);
+
+    assert.equal(this.element.textContent.trim(), 'template block text');
+  });
+});
diff --git a/ui-v2/tests/integration/components/auth-profile-test.js b/ui-v2/tests/integration/components/auth-profile-test.js
new file mode 100644
index 000000000000..fcd24d331ae6
--- /dev/null
+++ b/ui-v2/tests/integration/components/auth-profile-test.js
@@ -0,0 +1,24 @@
+import { module, test } from 'qunit';
+import { setupRenderingTest } from 'ember-qunit';
+import { render } from '@ember/test-helpers';
+import { hbs } from 'ember-cli-htmlbars';
+
+module('Integration | Component | auth-profile', function(hooks) {
+  setupRenderingTest(hooks);
+
+  test('it renders', async function(assert) {
+    // Set any properties with this.set('myProperty', 'value');
+    // Handle any actions with this.set('myAction', function(val) { ... });
+
+    await render(hbs`<AuthProfile />`);
+
+    assert.ok(this.element.textContent.indexOf('AccessorID') !== -1);
+
+    // Template block usage:
+    await render(hbs`
+      <AuthProfile></AuthProfile>
+    `);
+
+    assert.ok(this.element.textContent.indexOf('AccessorID') !== -1);
+  });
+});
diff --git a/ui-v2/tests/integration/components/jwt-source-test.js b/ui-v2/tests/integration/components/jwt-source-test.js
new file mode 100644
index 000000000000..1464858d680b
--- /dev/null
+++ b/ui-v2/tests/integration/components/jwt-source-test.js
@@ -0,0 +1,17 @@
+import { module, skip } from 'qunit';
+import { setupRenderingTest } from 'ember-qunit';
+import { render } from '@ember/test-helpers';
+import hbs from 'htmlbars-inline-precompile';
+
+module('Integration | Component | jwt-source', function(hooks) {
+  setupRenderingTest(hooks);
+
+  skip('it renders', async function(assert) {
+    // Set any properties with this.set('myProperty', 'value');
+    // Handle any actions with this.set('myAction', function(val) { ... });
+
+    await render(hbs`<JwtSource />`);
+
+    assert.equal(this.element.textContent.trim(), '');
+  });
+});
diff --git a/ui-v2/tests/integration/components/oidc-select-test.js b/ui-v2/tests/integration/components/oidc-select-test.js
new file mode 100644
index 000000000000..16df66580b82
--- /dev/null
+++ b/ui-v2/tests/integration/components/oidc-select-test.js
@@ -0,0 +1,26 @@
+import { module, skip } from 'qunit';
+import { setupRenderingTest } from 'ember-qunit';
+import { render } from '@ember/test-helpers';
+import { hbs } from 'ember-cli-htmlbars';
+
+module('Integration | Component | oidc-select', function(hooks) {
+  setupRenderingTest(hooks);
+
+  skip('it renders', async function(assert) {
+    // Set any properties with this.set('myProperty', 'value');
+    // Handle any actions with this.set('myAction', function(val) { ... });
+
+    await render(hbs`<OidcSelect />`);
+
+    assert.equal(this.element.textContent.trim(), '');
+
+    // Template block usage:
+    await render(hbs`
+      <OidcSelect>
+        template block text
+      </OidcSelect>
+    `);
+
+    assert.equal(this.element.textContent.trim(), 'template block text');
+  });
+});
diff --git a/ui-v2/tests/integration/serializers/oidc-provider-test.js b/ui-v2/tests/integration/serializers/oidc-provider-test.js
new file mode 100644
index 000000000000..6a4925e13336
--- /dev/null
+++ b/ui-v2/tests/integration/serializers/oidc-provider-test.js
@@ -0,0 +1,75 @@
+import { module, test } from 'qunit';
+import { setupTest } from 'ember-qunit';
+
+import { get } from 'consul-ui/tests/helpers/api';
+import {
+  HEADERS_SYMBOL as META,
+  HEADERS_DATACENTER as DC,
+  HEADERS_NAMESPACE as NSPACE,
+} from 'consul-ui/utils/http/consul';
+
+module('Integration | Serializer | oidc-provider', function(hooks) {
+  setupTest(hooks);
+  const dc = 'dc-1';
+  const undefinedNspace = 'default';
+  [undefinedNspace, 'team-1', undefined].forEach(nspace => {
+    test(`respondForQuery returns the correct data for list endpoint when the nspace is ${nspace}`, function(assert) {
+      const serializer = this.owner.lookup('serializer:oidc-provider');
+      const request = {
+        url: `/v1/internal/ui/oidc-auth-methods?dc=${dc}`,
+      };
+      return get(request.url).then(function(payload) {
+        const expected = payload.map(item =>
+          Object.assign({}, item, {
+            Datacenter: dc,
+            Namespace: item.Namespace || undefinedNspace,
+            uid: `["${item.Namespace || undefinedNspace}","${dc}","${item.Name}"]`,
+          })
+        );
+        const actual = serializer.respondForQuery(
+          function(cb) {
+            const headers = {};
+            const body = payload;
+            return cb(headers, body);
+          },
+          {
+            dc: dc,
+          }
+        );
+        assert.deepEqual(actual, expected);
+      });
+    });
+    test(`respondForQueryRecord returns the correct data for item endpoint when the nspace is ${nspace}`, function(assert) {
+      const serializer = this.owner.lookup('serializer:oidc-provider');
+      const dc = 'dc-1';
+      const id = 'slug';
+      const request = {
+        url: `/v1/acl/oidc/auth-url?dc=${dc}`,
+      };
+      return get(request.url).then(function(payload) {
+        const expected = Object.assign({}, payload, {
+          Name: id,
+          Datacenter: dc,
+          [META]: {
+            [DC.toLowerCase()]: dc,
+            [NSPACE.toLowerCase()]: payload.Namespace || undefinedNspace,
+          },
+          Namespace: payload.Namespace || undefinedNspace,
+          uid: `["${payload.Namespace || undefinedNspace}","${dc}","${id}"]`,
+        });
+        const actual = serializer.respondForQueryRecord(
+          function(cb) {
+            const headers = {};
+            const body = payload;
+            return cb(headers, body);
+          },
+          {
+            dc: dc,
+            id: id,
+          }
+        );
+        assert.deepEqual(actual, expected);
+      });
+    });
+  });
+});
diff --git a/ui-v2/tests/pages.js b/ui-v2/tests/pages.js
index 65af4f154f24..a925ae7e0d04 100644
--- a/ui-v2/tests/pages.js
+++ b/ui-v2/tests/pages.js
@@ -1,5 +1,5 @@
 import {
-  create,
+  create as createPage,
   clickable,
   is,
   attribute,
@@ -16,7 +16,6 @@ import createCancelable from 'consul-ui/tests/lib/page-object/createCancelable';
 
 // TODO: All component-like page objects should be moved into the component folder
 // along with all of its other dependencies once we can mae ember-cli ignore them
-import page from 'consul-ui/tests/pages/components/page';
 import radiogroup from 'consul-ui/tests/lib/page-object/radiogroup';
 import tabgroup from 'consul-ui/tests/lib/page-object/tabgroup';
 import freetextFilter from 'consul-ui/tests/pages/components/freetext-filter';
@@ -30,7 +29,9 @@ import policyFormFactory from 'consul-ui/tests/pages/components/policy-form';
 import policySelectorFactory from 'consul-ui/tests/pages/components/policy-selector';
 import roleFormFactory from 'consul-ui/tests/pages/components/role-form';
 import roleSelectorFactory from 'consul-ui/tests/pages/components/role-selector';
+import pageFactory from 'consul-ui/tests/pages/components/page';
 import consulIntentionListFactory from 'consul-ui/tests/pages/components/consul-intention-list';
+import authFormFactory from 'consul-ui/tests/pages/components/auth-form';
 
 // TODO: should this specifically be modal or form?
 // should all forms be forms?
@@ -72,12 +73,21 @@ const roleForm = roleFormFactory(submitable, cancelable, policySelector);
 const roleSelector = roleSelectorFactory(clickable, deletable, collection, alias, roleForm);
 
 const consulIntentionList = consulIntentionListFactory(collection, clickable, attribute, deletable);
+const authForm = authFormFactory(submitable, clickable, attribute);
+const page = pageFactory(clickable, attribute, is, authForm);
 
+const create = function(appView) {
+  appView = {
+    ...page(),
+    ...appView,
+  };
+  return createPage(appView);
+};
 export default {
   index: create(index(visitable, collection)),
   dcs: create(dcs(visitable, clickable, attribute, collection)),
   services: create(
-    services(visitable, clickable, text, attribute, collection, page, popoverSort, radiogroup)
+    services(visitable, clickable, text, attribute, collection, popoverSort, radiogroup)
   ),
   service: create(
     service(visitable, attribute, collection, text, consulIntentionList, catalogToolbar, tabgroup)
diff --git a/ui-v2/tests/pages/components/auth-form.js b/ui-v2/tests/pages/components/auth-form.js
new file mode 100644
index 000000000000..040474961fb8
--- /dev/null
+++ b/ui-v2/tests/pages/components/auth-form.js
@@ -0,0 +1,6 @@
+export default (submitable, clickable, attribute) => (scope = '.auth-form') => {
+  return {
+    scope: scope,
+    ...submitable(),
+  };
+};
diff --git a/ui-v2/tests/pages/components/page.js b/ui-v2/tests/pages/components/page.js
index 14742a504f08..6bac5b0b7a28 100644
--- a/ui-v2/tests/pages/components/page.js
+++ b/ui-v2/tests/pages/components/page.js
@@ -1,33 +1,50 @@
-import { clickable, is } from 'ember-cli-page-object';
-const page = {
-  navigation: ['services', 'nodes', 'kvs', 'acls', 'intentions', 'docs', 'settings'].reduce(
-    function(prev, item, i, arr) {
-      const key = item;
-      return Object.assign({}, prev, {
-        [key]: clickable(`[data-test-main-nav-${item}] a`),
-      });
+export default (clickable, attribute, is, authForm) => scope => {
+  const page = {
+    navigation: [
+      'services',
+      'nodes',
+      'kvs',
+      'acls',
+      'intentions',
+      'help',
+      'settings',
+      'auth',
+    ].reduce(
+      function(prev, item, i, arr) {
+        const key = item;
+        return Object.assign({}, prev, {
+          [key]: clickable(`[data-test-main-nav-${item}] > *`),
+        });
+      },
+      {
+        scope: '[data-test-navigation]',
+      }
+    ),
+    footer: ['copyright', 'docs'].reduce(
+      function(prev, item, i, arr) {
+        const key = item;
+        return Object.assign({}, prev, {
+          [key]: clickable(`[data-test-main-nav-${item}`),
+        });
+      },
+      {
+        scope: '[data-test-footer]',
+      }
+    ),
+    authdialog: {
+      form: authForm(),
     },
-    {
-      scope: '[data-test-navigation]',
-    }
-  ),
-  footer: ['copyright', 'docs'].reduce(
-    function(prev, item, i, arr) {
-      const key = item;
-      return Object.assign({}, prev, {
-        [key]: clickable(`[data-test-main-nav-${item}`),
-      });
+    error: {
+      status: attribute('data-test-status', '[data-test-status]'),
     },
-    {
-      scope: '[data-test-footer]',
-    }
-  ),
+  };
+  page.navigation.login = clickable('[data-test-main-nav-auth] label');
+  page.navigation.dc = clickable('[data-test-datacenter-menu] button');
+  page.navigation.nspace = clickable('[data-test-nspace-menu] button');
+  page.navigation.manageNspaces = clickable('[data-test-main-nav-nspaces] a');
+  page.navigation.manageNspacesIsVisible = is(
+    ':checked',
+    '[data-test-nspace-menu] > input[type="checkbox"]'
+  );
+  return page;
 };
-page.navigation.dc = clickable('[data-test-datacenter-menu] button');
-page.navigation.nspace = clickable('[data-test-nspace-menu] button');
-page.navigation.manageNspaces = clickable('[data-test-main-nav-nspaces] a');
-page.navigation.manageNspacesIsVisible = is(
-  ':checked',
-  '[data-test-nspace-menu] > input[type="checkbox"]'
-);
-export default page;
diff --git a/ui-v2/tests/pages/dc/acls/edit.js b/ui-v2/tests/pages/dc/acls/edit.js
index 71c0620717a9..a1648fb87f7b 100644
--- a/ui-v2/tests/pages/dc/acls/edit.js
+++ b/ui-v2/tests/pages/dc/acls/edit.js
@@ -6,6 +6,7 @@ export default function(visitable, submitable, deletable, cancelable, clickable)
         use: clickable('[data-test-use]'),
         confirmUse: clickable('button.type-delete'),
       })
-    )
+    ),
+    'main'
   );
 }
diff --git a/ui-v2/tests/pages/dc/acls/policies/edit.js b/ui-v2/tests/pages/dc/acls/policies/edit.js
index 57e80a0cb347..d3123ce2f452 100644
--- a/ui-v2/tests/pages/dc/acls/policies/edit.js
+++ b/ui-v2/tests/pages/dc/acls/policies/edit.js
@@ -1,9 +1,9 @@
 export default function(visitable, submitable, deletable, cancelable, clickable, tokenList) {
   return {
     visit: visitable(['/:dc/acls/policies/:policy', '/:dc/acls/policies/create']),
-    ...submitable({}, 'form > div'),
-    ...cancelable({}, 'form > div'),
-    ...deletable({}, 'form > div'),
+    ...submitable({}, 'main form > div'),
+    ...cancelable({}, 'main form > div'),
+    ...deletable({}, 'main form > div'),
     tokens: tokenList(),
     validDatacenters: clickable('[name="policy[isScoped]"]'),
     datacenter: clickable('[name="policy[Datacenters]"]'),
diff --git a/ui-v2/tests/pages/dc/acls/roles/edit.js b/ui-v2/tests/pages/dc/acls/roles/edit.js
index 85a794801f4b..bc1f95864f6c 100644
--- a/ui-v2/tests/pages/dc/acls/roles/edit.js
+++ b/ui-v2/tests/pages/dc/acls/roles/edit.js
@@ -1,9 +1,9 @@
 export default function(visitable, submitable, deletable, cancelable, policySelector, tokenList) {
   return {
     visit: visitable(['/:dc/acls/roles/:role', '/:dc/acls/roles/create']),
-    ...submitable({}, 'form > div'),
-    ...cancelable({}, 'form > div'),
-    ...deletable({}, 'form > div'),
+    ...submitable({}, 'main form > div'),
+    ...cancelable({}, 'main form > div'),
+    ...deletable({}, 'main form > div'),
     policies: policySelector(''),
     tokens: tokenList(),
   };
diff --git a/ui-v2/tests/pages/dc/acls/tokens/edit.js b/ui-v2/tests/pages/dc/acls/tokens/edit.js
index 4a5c533e5fc1..817ba1d7afe2 100644
--- a/ui-v2/tests/pages/dc/acls/tokens/edit.js
+++ b/ui-v2/tests/pages/dc/acls/tokens/edit.js
@@ -9,9 +9,9 @@ export default function(
 ) {
   return {
     visit: visitable(['/:dc/acls/tokens/:token', '/:dc/acls/tokens/create']),
-    ...submitable({}, 'form > div'),
-    ...cancelable({}, 'form > div'),
-    ...deletable({}, 'form > div'),
+    ...submitable({}, 'main form > div'),
+    ...cancelable({}, 'main form > div'),
+    ...deletable({}, 'main form > div'),
     use: clickable('[data-test-use]'),
     confirmUse: clickable('button.type-delete'),
     clone: clickable('[data-test-clone]'),
diff --git a/ui-v2/tests/pages/dc/intentions/edit.js b/ui-v2/tests/pages/dc/intentions/edit.js
index a9cdff3866b1..a59d3ea19432 100644
--- a/ui-v2/tests/pages/dc/intentions/edit.js
+++ b/ui-v2/tests/pages/dc/intentions/edit.js
@@ -4,6 +4,7 @@ export default function(visitable, submitable, deletable, cancelable) {
       deletable({
         visit: visitable(['/:dc/intentions/:intention', '/:dc/intentions/create']),
       })
-    )
+    ),
+    'main'
   );
 }
diff --git a/ui-v2/tests/pages/dc/kv/edit.js b/ui-v2/tests/pages/dc/kv/edit.js
index 872579e71b5d..96af4d72db78 100644
--- a/ui-v2/tests/pages/dc/kv/edit.js
+++ b/ui-v2/tests/pages/dc/kv/edit.js
@@ -8,7 +8,7 @@ export default function(visitable, attribute, submitable, deletable, cancelable)
         .map(encodeURIComponent)
         .join('/');
     }),
-    ...submitable(),
+    ...submitable({}, 'main'),
     ...cancelable(),
     ...deletable(),
     session: {
diff --git a/ui-v2/tests/pages/dc/nspaces/edit.js b/ui-v2/tests/pages/dc/nspaces/edit.js
index df15b4498ed4..1fa0c5832543 100644
--- a/ui-v2/tests/pages/dc/nspaces/edit.js
+++ b/ui-v2/tests/pages/dc/nspaces/edit.js
@@ -8,9 +8,9 @@ export default function(
 ) {
   return {
     visit: visitable(['/:dc/namespaces/:namespace', '/:dc/namespaces/create']),
-    ...submitable({}, 'form > div'),
-    ...cancelable({}, 'form > div'),
-    ...deletable({}, 'form > div'),
+    ...submitable({}, 'main form > div'),
+    ...cancelable({}, 'main form > div'),
+    ...deletable({}, 'main form > div'),
     policies: policySelector(),
     roles: roleSelector(),
   };
diff --git a/ui-v2/tests/pages/dc/services/index.js b/ui-v2/tests/pages/dc/services/index.js
index 0d3ea9e4319d..54b796cf3db1 100644
--- a/ui-v2/tests/pages/dc/services/index.js
+++ b/ui-v2/tests/pages/dc/services/index.js
@@ -1,4 +1,4 @@
-export default function(visitable, clickable, text, attribute, collection, page, popoverSort) {
+export default function(visitable, clickable, text, attribute, collection, popoverSort) {
   const service = {
     name: text('[data-test-service-name]'),
     service: clickable('a'),
@@ -11,7 +11,6 @@ export default function(visitable, clickable, text, attribute, collection, page,
     dcs: collection('[data-test-datacenter-picker]', {
       name: clickable('a'),
     }),
-    navigation: page.navigation,
     home: clickable('[data-test-home]'),
     sort: popoverSort,
   };
diff --git a/ui-v2/tests/unit/models/oidc-provider-test.js b/ui-v2/tests/unit/models/oidc-provider-test.js
new file mode 100644
index 000000000000..4fd0358ddb04
--- /dev/null
+++ b/ui-v2/tests/unit/models/oidc-provider-test.js
@@ -0,0 +1,13 @@
+import { module, test } from 'qunit';
+import { setupTest } from 'ember-qunit';
+
+module('Unit | Model | oidc-provider', function(hooks) {
+  setupTest(hooks);
+
+  // Replace this with your real tests.
+  test('it exists', function(assert) {
+    let store = this.owner.lookup('service:store');
+    let model = store.createRecord('oidc-provider', {});
+    assert.ok(model);
+  });
+});
diff --git a/ui-v2/tests/unit/serializers/oidc-provider-test.js b/ui-v2/tests/unit/serializers/oidc-provider-test.js
new file mode 100644
index 000000000000..daae4531f802
--- /dev/null
+++ b/ui-v2/tests/unit/serializers/oidc-provider-test.js
@@ -0,0 +1,23 @@
+import { module, test } from 'qunit';
+import { setupTest } from 'ember-qunit';
+
+module('Unit | Serializer | oidc-provider', function(hooks) {
+  setupTest(hooks);
+
+  // Replace this with your real tests.
+  test('it exists', function(assert) {
+    let store = this.owner.lookup('service:store');
+    let serializer = store.serializerFor('oidc-provider');
+
+    assert.ok(serializer);
+  });
+
+  test('it serializes records', function(assert) {
+    let store = this.owner.lookup('service:store');
+    let record = store.createRecord('oidc-provider', {});
+
+    let serializedRecord = record.serialize();
+
+    assert.ok(serializedRecord);
+  });
+});