Allow org admins to disable the "Can't log in?" option to prevent users to bypass 2FA and SAML login

XMLWordPrintable

      Problem

      • Managed users can use the "Can't log in?" option to bypass the SAML SSO integration at any time. Additionally, the users can also bypass the 2FA. Although this is a helpful tool, this is also a security weakness.

      Suggestion

      • Allow org admins to disable the "Can't log in?" option for the users that are not org administrators. If users that are not org admins can't access the SAML SSO configuration and fix any problem with the set up, there is no reason for these users to have the ability to bypass the SAML SSO integration or the 2FA.

              Assignee:
              Unassigned
              Reporter:
              Mauricio Soliz
              Votes:
              4 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: