Skip to main content
Skip table of contents

Enforce SSO only

While configuring a SAML provider, you can decide weather you want to allow SSO and normal UI logins in parallel. In this case the checkbox stay deactivated.
All your users will be able to maintain their passwords and use such information to perform a login via the UI as well as login via the setup SSO login process.

When you want to limit the access to your organization to SSO users only, you can activate the checkbox.
In this case only users that perform their authentication via your SAML Provider will be able to access your organization. In advance, users will not be able to maintain their password or request a new one. There is one exception:

In order to enable organization administrators to access an organization even if their SAML Provider is down, we allow users with the access-right “SSO-edit“ to enter their organization via the normal Login UI which can be reached by access the instance without the SSO Startlink of the organization. Users with such rights are also excluded from password change limitations. This enables such users to deactivate the SSO Enforce function if needed independently from the availability of their SAML Provider.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close