Add a choice to force SAML for everyone except account owner and CSP partner

  • 1
  • Idea
  • Updated 8 months ago
Today anyone with the right to "manage employees" can bypass SAML login.
It could be useful to have a choice in the user access menu to choose between SAML/standard/both for all employees in order to force (or not) the authentication chosen.
Except of course for the ones with "configure SSO settings" rights to prevent to be stuck in case of SAML failure.
Photo of Renaud

Renaud

  • 17 Posts
  • 4 Reply Likes

Posted 8 months ago

  • 1
Photo of Ross Bender

Ross Bender

  • 61 Posts
  • 10 Reply Likes
While I agree the flexibility would be nice, I think the ability to turn on/off SSO for a user is typically tied to an "administrator" type of role. For most of the SAML integrations I've worked, I've found it's tied to an administrator privilege rather than a per-user setting/privilege. Just my two cents...